In a new form of phishing attack, Instagram users are being victimized with fake login attempt warnings along with two-factor authentication codes in order to make the phishing attack believable.

Cyber attackers are deploying phishing attack for luring victims into revealing their sensitive information through fraudulent websites that they control. This is attempted though a number of social engineering techniques and messages that are designed to appear as if they are being sent by a legitimate authority.

How Are Attackers Deploying The Attack?

Attackers are deploying the phishing email attack through fake Instagram login alerts. These alerts dupe victim by making them believe that someone has attempted to log in to their account. After that, attackers ask victims to confirm their identity through a fake sign-in page which is linked within the message.

Attackers have also added a code that can be used as a second authentication code for confirming identity. Once the victim ends up on the phished landing page, he will observe a perfectly cloned Instagram login page. This login page has been secured with a valid HTTPS certificate. It also displays a green padlock for ensuring that the victim does not doubt the authenticity of the page.

The emails used in this phishing attack look identical to Instagram’s official messages for avoiding any suspicions before the target is redirected to the phishing landing page of the attacker. These emails appear to be quite legitimate and do not have many loopholes including a few punctuation errors, missing space before the word ‘Please’.

The other loophole that is visible is displaying the ‘’ domain in the web browser’s address bar, the phishers use a .CF domain. Rest of the email is used in the phishing attack seems genuine and does not raise alarm bells.

Instagram Has Been Attacked Before! 

However, this has not been the first time that Instagram has suffered from a cyber attack. In the month of May, a news related to the unsecured database of Instagram surfaced. Apparently, the database was found publicly lying on the internet.

The reason behind this leak was an unprotected database that was hosted by Amazon Web Services bucket. This led to the exposure of more than 49 million records of Instagram influencers on the internet including brands, celebrities as well as food bloggers.

Possible Phishing Attack Prevention

  • If your Instagram credentials are stolen or if your account has been hacked. If you still have access to your account, first check whether your actual email address and phone number are still associated with your account.
  • To go to your profile and select Edit Profile, then scroll to the bottom in order to view the email address as well as the phone number.
  • Try entering your correct info in case your details have been swapped with attacker-controlled ones.
  • Change your account’s password by following these instructions that are provided by Instagram. The password change will allow devices that are currently logged into your account to be automatically logged off. It will, then, allow you to log back into your Instagram account.

Here are some of the few pointers that can help phishing attack prevention:

  • Revoke access to any suspicious third-party apps.
  • Turn on the two-factor authentication for ensuring additional security
  • Never submit your sign-in credentials on a page other than ‘’.
  • Even if a green padlock is available, check whether the domain is a legitimate one or not.

For phishing attack prevention, it becomes important to keep your eyes open while surfing on the internet.

Pallavi Dutta

By Pallavi Dutta

Content Marketer and Team Leader

Leave a comment

Your email address will not be published. Required fields are marked *