- The 1975’s singer criticized for ‘Islamophobic’ rant 3 Months Ago
- Ready to dish out $52K for Apple’s new Mac Pro? 3 Months Ago
- N.K. Jemisin and Jamal Campbell discuss their new Green Lantern comic, ‘Far Sector’ 3 Months Ago
- YouTube says it will be harsher on creators with ‘patterns of harassing behavior’ Today 1:15 PM
- Why one senator stopped a vote on net neutrality Today 12:49 PM
- Man reportedly denied refugee status after officials fail to forward email Today 12:09 PM
- ‘Jojo Rabbit’ star to lead Disney+ ‘Home Alone’ reboot Today 12:08 PM
- Beyoncé and Kelly Rowland were harassed by Jagged Edge as teens, Mathew Knowles says Today 11:52 AM
- White nationalist Nick Fuentes is upset MTV aired his white nationalist views Today 11:37 AM
- Juice WRLD had secret drug-littered Instagram, according to his ex-girlfriend Today 11:10 AM
- Jersey City suspect posted anti-Semitic, anti-police materials online Today 10:30 AM
- Novaruu was banned from Twitch for 3 days—and she can’t understand why Today 10:12 AM
- Pete Buttigieg swears he’s not in the CIA Today 9:28 AM
- Greta Thunberg named ‘Time’ 2019 person of the year Today 9:28 AM
- The best gear and gadget gifts for Dad this holiday season Today 7:30 AM
Instagram users are being targeted by a new phishing scam that accuses them of copyright infringement in order to obtain their login details.
The attack begins with an email that claims a user’s account will be suspended in 24 hours for violating the platform’s “copyright laws,” screenshots from Naked Security show.
The message further states that users wishing to refute the claim can do so by clicking a “Copyright Objection Form” button embedded in the email. One of the first signs that something is amiss is the email’s numerous grammatical errors.
Clicking the button then sends the user to a fake Instagram page. The page’s URL ends not in “.com” but in “.cf,” another indicator that the email is a scam.
The page attempts to appear legitimate by using an SSL certificate as well, represented by a green padlock and “HTTPS” in the address bar.
If a user clicks through, they will then be asked to provide their date of birth, email, and Instagram password. Once your private data is obtained, the phishing page then redirects you Instagram’s real login page.
It’s yet another reminder to always read emails carefully and to inspect the URL of any links. Users should also enable two-factor authentication on all accounts when available to protect themselves if their password is actually stolen.
- Facebook’s new sign-up feature resembles a phishing attack
- New phishing attack uses Google Translate to trick users
- Netflix warns users to be cautious of new phishing scam
H/T Naked Security
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.