Instagram Creates New Feature That Fights Phishing Attacks
One of the most dangerous forms of cyberattack might be phishing attacks, mostly because they are easy to pull off with any kind of high-tech skill and because too often, they work. In a phishing attack, the criminal sends you some kind of message and pretends to be someone they are not. It might be your boss, a Nigerian prince fleeing the country, your favorite retailer or even a friend. The message might look and sound authentic, but the sender is not.
Instagram has launched a new feature that will try to curb phishing attacks via its platform. One of the more common versions of an attack, at least when it masquerades as an online platform or website, is the claim that you must verify your login credentials in order to secure your account. Another popular twist is to claim that someone has logged into your account from another device, and you need to “click this link” if you were not the one who did it.
Image courtesy of Instagram
Image courtesy of Instagram
Now, users will be able to press the settings button on their Instagram screens and find a list of emails with what company sent them, along with the date and the reason. If you receive an email in your inbox and it is not in your Instagram app’s settings, then you will know it did not come from the company.
Image courtesy of Instagram
This small step can make a big difference in preventing identity theft and account takeover from phishing attacks. However, it will only work if users think to take a peek and compare the lists of emails. Until other platforms take similar precautionary measures, there are a few helpful hints you can remember to block cybercriminals:
1. Never click a link, open an attachment or download any content from an email unless you are expecting it or have verified it with the sender. Even if it appears to come from someone you know, that person’s email account could have been hacked or copied. Check with the sender before taking any action.
2. Never verify your identity, login credentials, account numbers or any other sensitive data for someone who calls, texts, emails or sends a private message. Many companies have come out and stated they will never ask you for this information.
3. Never comply with strange requests, even if you think you know the sender, without verifying the request verbally. It might be changing account numbers, changing a password on an account, sending funds to a different account or even buying gift cards. If you receive a request that in any way involves money or sensitive information, dial the phone and call the sender first using a phone number you looked up for yourself.
Contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530.
You might also like…
Identity Theft Resource Center Sees Organizational Growth
How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the In the Loop.
