Do you have an Instagram account which you use on a regular basis? If so, be warned – there’s a trend of hacked Instagram profiles promoting adult content. This trend was spotted at the beginning of 2016 but is currently taking a turn for the worse. As reported by Symantec, scammers are hacking Instagram accounts and modifying profiles with sexually suggestive imagery to trick users into visiting adult dating and NSFW sites.
Instagram Campaign Similar to Previous Twitter Accounts Compromised for NSFW Content
Researchers point out that the current Instagram situation with profiles being hacked and exploited for the promotion of pornographic content resembles a previous case with Twitter accounts. However, a direct connection between the two hasn’t been established yet.
How to Spot a Hacked Instagram Account
There are several signs that hint at an account being exploited by attackers:
- Modified user name
- Different profile image
- Different profile full name
- Different profile bio
- Profile link changed/added
- New photos uploaded
For one, the profile picture is usually changed to a photo of a woman, regardless of the sex of the account owner. Other sexually suggestive photos are also added to the profile. Furthermore, the hacked profile usually instructs the user to visit the profile link. The link is either a shortened URL or a direct link to the particular page.
The best way to learn that your Instagram account has been hacked is to attempt to log in and find that your password has been changed without your knowledge. Researchers believe that the owners of hacked accounts move on to create new profiles, since the hacked ones persist over time.
Interestingly, researchers have observed a slight simplification of the adult content scam. Some previously identified traits of compromised accounts are now missing: for example, the name is left unchanged or no new photos are uploaded. The reason for this “laziness” is not particularly clear.
Nonetheless, the campaign is definitely an example of affiliate-based spam. Researchers explain that “as with similar scams, the profile links redirect to an intermediary site controlled by the scammer.”
This site contains a survey suggesting that a woman has nude photos to share and that the user will be directed to a site that offers “quick sex” rather than dating. Interestingly, this page only appears on mobile browsers. If the user tries to visit the URLs on a desktop computer or laptop, they are sent to a random Facebook user’s profile.
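The signs listed above can be checked mechanically by comparing two snapshots of a profile. The following is an added example, not code from Symantec or Instagram: the snapshot key names, the shortener host list and the review threshold are assumptions, and the sample data is constructed.

```python
from urllib.parse import urlparse

# Assumed list of URL-shortener hosts; extend it for your own use.
SHORTENER_HOSTS = {"bit.ly", "goo.gl", "tinyurl.com", "ow.ly", "t.co"}

# Signs from the article's list, mapped to hypothetical snapshot keys.
TEXT_FIELDS = {
    "username": "modified user name",
    "profile_image_hash": "different profile image",
    "full_name": "different profile full name",
    "bio": "different profile bio",
}

def is_shortened(url):
    """True when the link's host is a known URL shortener."""
    if not url:
        return False
    host = (urlparse(url if "://" in url else "//" + url).hostname or "").lower()
    host = host[4:] if host.startswith("www.") else host
    return host in SHORTENER_HOSTS

def takeover_signs(before, after):
    """Compare two profile snapshots and return the signs that changed."""
    signs = [label for key, label in TEXT_FIELDS.items()
             if before.get(key) != after.get(key)]
    if after.get("link") and before.get("link") != after.get("link"):
        label = "profile link changed/added"
        if is_shortened(after["link"]):
            label += " (shortened URL)"
        signs.append(label)
    new_photos = set(after.get("photo_ids", [])) - set(before.get("photo_ids", []))
    if new_photos:
        signs.append(f"new photos uploaded ({len(new_photos)})")
    return signs

def needs_review(signs):
    """Assumed threshold: a link change plus any other sign. This still
    catches the simplified variant (name unchanged, no new photos)."""
    link_changed = any(s.startswith("profile link") for s in signs)
    return link_changed and len(signs) >= 2

# Constructed sample snapshots (not real accounts).
BEFORE = {"username": "sam.hikes", "full_name": "Sam R.", "bio": "Trail photos",
          "profile_image_hash": "aaa111", "link": None, "photo_ids": ["p1", "p2"]}
AFTER = {"username": "sam.hikes", "full_name": "Sam R.", "bio": "Check the link below",
         "profile_image_hash": "bbb222", "link": "http://bit.ly/example",
         "photo_ids": ["p1", "p2"]}

if __name__ == "__main__":
    found = takeover_signs(BEFORE, AFTER)
    print(found, needs_review(found))
```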
Spam-Scams Compromise Other Social and Dating Networks, Too
We recently wrote about a similar scam affecting Tinder users, also reported by Symantec. The scam involved the initiation of flirty conversations with playful opening messages like “Wanna eat cookie dough together some time?”. The spam bot would then “release” several messages, and then ask the user whether they had been verified by Tinder.
To keep your user accounts from being hacked and used for NSFW activities, maintain excellent password hygiene:
- Use only complex passwords
- Change your passwords frequently
- Don’t recycle previously used passwords; be creative
- Subscribe to Have I Been Pwned? to be notified of a breach
- Employ 2FA whenever possible
- Don’t reply to spam messages in your email inbox