- Multimillion-dollar ‘Farming Simulator’ franchise enters world of esports Wednesday 7:38 PM
- Sandra Bullock, Chris McKay are making Netflix comic film ‘Reborn’ Wednesday 7:22 PM
- Instagram revokes Venezuelan President Nicolás Maduro’s verified status Wednesday 5:23 PM
- Transgender people suffer when debates over their rights are framed as ‘distractions’ Wednesday 4:57 PM
- Hulu with Live TV just hiked its prices Wednesday 4:05 PM
- Hacker infiltrates Nest cameras to gain PewDiePie subscribers Wednesday 2:37 PM
- YouTube time traveler claims MLK’s granddaughter will be the last U.S. president Wednesday 2:30 PM
- Media coverage of Alexandria Ocasio-Cortez’s Twitch cameo erases Chelsea Manning Wednesday 1:39 PM
- New Alexa skill lets you sing with Queen’s Freddie Mercury Wednesday 1:13 PM
- Netflix is the first streaming platform to join MPAA Wednesday 12:59 PM
- Can you spot an email from a hacker? Wednesday 12:46 PM
- Gina Rodriguez cries over being called anti-Black, gets dragged for ‘fake tears’ Wednesday 12:21 PM
- Boots Riley explains why he got snubbed by the Oscars Wednesday 12:20 PM
- Review: ‘Buffy’ returns with a modern comic book reboot Wednesday 11:47 AM
- You’re about to see a lot more Netflix on your Instagram Wednesday 11:32 AM
A security firm, working closely with Instagram, identified thousands of unique financial scams.
A Baltimore-based security firm says it has identified thousands of scams targeting Instagram users and that members of the military are at particularly risk.
The ZeroFOX Research Team spent four months analyzing Instagram posts with a machine-learning classifier specifically designed by the company to sniff out scams. The algorithm, said to accurately predict whether individual posts are scams nearly 100 percent of the time, reportedly identified more than 4,500 unique scams.
Commonly referred to as the “money flip,” the most popular scam targeting Instagram users typically “extorts victims into sending money or disclosing banking information” by promising to “flip” the money and return a huge profit, according findings ZeroFOX released on Wednesday. Over the course of the study, the company says, it analyzed “over 2 million historical posts from the last two years.” The researchers also interacted directly with scammers using “honey-pot” accounts to better understand how they operate.
The threat-intelligence firm estimates the global cost of the Instagram fraud to banks at an astounding $420 million.
In a 23-page report the researchers offered a list of general patterns observed in the money flipping scam posts:
• Scammers preyed upon users they suspected were in dire financial circumstances; for example, people with outstanding debt or unpaid bills. By appealing to their sense of desperation, scammers hoped to make them think that relief was a just few simple steps away.
• As a throwback to the classic hustle, scammers tried to create a sense of urgency by encouraging victims into making impulsive choices. By fostering the perception that opportunities were time sensitive, scammers attempted to capitalize on impaired or rushed decision making.
• Oftentimes, the scammers employed accomplices who made comments on the scam posts and offered believable testimonials about the advertised process. These modern day shills offered deceptions such as, “I can’t believe it really works!” and, “I did this last week, this is so legit.”
ZeroFOX co-founder Evan Blair tells the Daily Dot that the money flipping schemes are one of the biggest issues facing its clients, top-tier financial services firms. “They were losing millions of dollars annually in fraud-remediation costs due to these scams that were happening on Instagram,” he says. “They weren’t able to keep up manually. One of our clients, who is a top-five consumer financial in the U.S., had a team of six people dedicated to just manually scouring Instagram and trying to get these taken offline through the same mechanism that you or I would if we saw something pornographic, for example.”
The company’s research focused solely on Instagram, Blair says, because the researchers discovered the scams were affecting the platform’s users at about 10 times the rate of other social networks. In comparison, the same scams appeared only sparingly on Facebook. “Instagram has a variety of unique factors as a network, the images being front and center, the openness, the engagement and direct message capabilities; slight nuances that make a big difference,” Blair explained.
Philip Tully, a senior data scientist at ZeroFOX, said that military-centric institutions are being specifically targeted by the scammers, in addition to users believed to be financially desperate. “We did some natural language processing on these scams to try to peel apart and extract what meaningful information we could grab from it, both including what kind of language are they using to convince people and social engineer them,” he said. What the company found was that the topics typically targeted by the scams had very “military-specific sentiment.”
“Military members get targeted a lot in very benign situations by marketing teams,” Tully explains. “If you show your credentials, if you show that you’re a military member, you get a ‘20 percent discount’ at this location. If you’re looking at this from a situation of someone who’s been an active military member, you’re conditioned to believe that people are trying to look out for you and give you a deal.”
ZeroFOX believes the Instagram scammers are cognizant of this “behavior dimension” and may be intentionally exploiting it by using language specifically to attract current and former service members.
“It’s not just military members,” says John Seymour, another ZeroFOX data scientist. “It’s folks that are in tough financial situations as well. People that have more susceptibility to be a victim are the ones that are targeted.” The scammers, he says, will typically look for people who are in situations that gives them a “predisposition to believing” due to their desperate financial circumstance.
“They’re certainly some traditional con-man tactics being used here,” adds Seymour.
The researchers were additionally able to interact directly with scammers by creating fake Instagram accounts. “Surprisingly, we amassed 23 scam account followers within 48 hours of our initial follow of financial institutions,” ZeroFOX’s report says. “These observations imply that scammers are aggressively monitoring fresh followers of financial institutions in order to execute a scam. This should be alarming for any financial institution leveraging social media; for every customer that follows a brand account, expect them to get dozens of follow requests from scammers.”
ZeroFOX says it is working directly with Instagram to remediate the company’s scam problem through the creation of more “programmatic” reporting and review capabilities.
Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.