ITRC: Identity Criminals Add New Twist to Facebook & Instagram Account Hack Scams; Pose as “Friends” of the Victim
Home Help Center ITRC: Identity Criminals Add New Twist to Facebook & Instagram Account Hack Scams; Pose as “Friends” of the Victim
- The Identity Theft Resource Center (ITRC) has already received more inquiries regarding social media account takeovers and Facebook and Instagram account hack scams in 2022 than all of 2021.
- According to reports to the ITRC, identity criminals were commonly using bitcoin scams to hack into people’s accounts. However, they’ve recently shifted their tactics. Now, many scammers are posing as “friends” of the victim.
- The “friend” of the victim sends a link to the victim to help access the friend’s account. However, once the victim clicks on the link, they are locked out of the account.
- To avoid Instagram and Facebook account hack scams and social media account takeovers, don’t click on links in messages unless you verify with your friend directly that they sent the message. Also, use a strong passphrase on your account that you never share, as well as two-factor authentication.
- If your Facebook or Instagram account has already been hacked, follow the Instagram and Facebook Help Center’s steps to recover your account.
- If you believe you have fallen victim to an Instagram or Facebook account hack scam, or want to learn more about how to stay safe online, contact the ITRC. Call toll-free (888.400.5530) or live-chat with an expert advisor by visiting idtheftcenter.org.
While Facebook and Instagram account hack scams have been around for a long time, social media account takeover cases rose in 2021. Throughout 2021, the Identity Theft Resource Center (ITRC) received 320 social media account takeover inquiries. Those numbers have skyrocketed in 2022. The ITRC has already received nearly 500 social media account takeover inquiries in the first three months of the year.
Identity criminals have been targeting Instagram and social media users in many different ways. Most notably has been with bitcoin scams. (The ITRC has already received more bitcoin scams cases in 2022 than in all of 2021.) Now, scammers appear to be shifting their tactics.
What is Happening?
According to reports to the ITRC’s contact center, identity criminals are now committing Instagram account hack scams by posing as a “friend” of the victim and telling the victim that the “friend” needs help getting back into their Facebook or Instagram account. The “friend” sends a link, the victim clicks on it, and then the victim cannot get into the account. The ITRC has also received reports of similar scams on Facebook.
What They Want and Why They Want It
Identity criminals continue to look to hack Instagram accounts, and other social media accounts, because of the value of the credentials. According to Digital Shadows, the cost of a hacked Instagram account on the dark web is $45. For context, the price for a Social Security number (SSN) on the dark web is only $2.
How to Avoid a Facebook or Instagram Account Hack Scam
- Never click on any links sent to you until you verify the message’s validity. If a friend sends you a message that contains a link, attachment, or file, reach out to the friend directly to make sure they sent you the message. It could be a malicious link that locks you out of your account.
- Never share your personal information with anyone. Since the Instagram and Facebook account hack scams began to rise, scammers have been playing on people’s emotions and building trust with their victims in hopes they’ll hand over personally identifiable information (PII). Scammers can be persuasive. However, you should never share passwords, PINS, codes or any other type of sensitive information.
- Use two-factor authentication (2FA) and a strong and unique password on your account. Using a 12+ character unique passphrase and 2FA on your account provides added layers of security and protection to keep criminals out.
While the demand for hacked Facebook and Instagram accounts continues to be high, these are things you can do to protect yourself. There are additional steps you can take to stay safe online. For more tips on how to avoid a hacked Instagram account, read our blog on how to protect yourself from a hacked Instagram account.
What to Do If You Have a Hacked Instagram Account
While the steps above help you reduce your risk of falling for a Facebook or Instagram account hack scam, it does not eliminate it. If you believe your Instagram account was hacked, there are steps for you to take, including:
- Checking your email account for a message from Instagram,
- Requesting a login link from Instagram, and
- Requesting a security code or support from Instagram.
For information on how to do all of these things, read our blog on what to do if you have a hacked Instagram account. If your Facebook account was hacked, follow the steps in their Help Center to recover your account.
Contact the ITRC
To learn more about these scams, or social media account takeover, and what you can do to protect yourself, contact the ITRC. You can speak with an advisor toll-free by phone (888.400.5530) or live-chat on the company website. Just visit www.idtheftcenter.org to get started.
How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the In the Loop.
Get ID Theft News
Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center