Date: 2023-12-24

Summary: A new phishing campaign targeting Instagram users has been discovered, exposing a vulnerability in the platform’s two-factor authentication (2FA) system. Attackers are posing as Instagram’s parent company, Meta, and sending emails to victims claiming that their accounts are infringing on copyrights. The emails create a sense of urgency by stating that the accounts will be permanently deleted unless the user submits an appeal within 12 hours. Clicking on the appeal form link redirects users to phishing websites that impersonate Meta’s actual portals. The attackers trick users into providing their usernames, passwords, and, most importantly, their 2FA backup codes. With this information, the attackers can gain unauthorized access to the accounts, completely bypassing the 2FA security measure.

Phishing attacks via email continue to be a common vector for cybercrime, and it is crucial for users to be able to identify and avoid malicious emails. In this particular campaign, the suspicious elements include the sender’s email address, which is not affiliated with Meta, and the use of a Google notifications URL in the appeal form button.
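As an added illustration of the two indicators just named (a sender domain that is not affiliated with Meta, and an appeal button whose link points somewhere other than the platform itself, via a redirect-style URL), here is a small triage script. It is not from the article. Both messages it inspects are constructed samples, and the allowlisted sender and link domains are assumed example values, not an authoritative list of the addresses Meta sends from.

```python
"""Heuristic triage of a suspicious 'copyright appeal' email.

Added example; the sample messages are constructed and the allowlists are
assumed example values that an organisation would replace with its own.
"""
from __future__ import annotations

import email
import re
from email import policy
from urllib.parse import parse_qs, urlparse

# Assumed allowlist of domains the platform genuinely sends from (example values).
TRUSTED_SENDER_DOMAINS = {"facebookmail.com", "instagram.com", "meta.com"}
# Assumed allowlist of domains a genuine appeal link would point at (example values).
TRUSTED_LINK_DOMAINS = {"instagram.com", "facebook.com", "meta.com"}
# Pressure language typical of this campaign: a short deadline, deletion threat,
# and a request for 2FA backup codes.
URGENCY_PATTERNS = [
    r"\bwithin\s+\d+\s+hours?\b",
    r"\bpermanently\s+deleted\b",
    r"\bbackup\s+codes?\b",
]

# Constructed sample resembling the campaign (hosts are .example placeholders).
SAMPLE_EMAIL = """\
From: Meta Support <support@meta-appeals.example>
To: victim@example.net
Subject: Copyright infringement notice - action required
Content-Type: text/html

<html><body>
<p>Your account violates copyright and will be permanently deleted unless you
submit an appeal within 12 hours. Have your 2FA backup codes ready.</p>
<a href="https://redirector.example/notify?url=https://appeal-portal.example/login">Appeal form</a>
</body></html>
"""

# Constructed benign notice for comparison.
BENIGN_EMAIL = """\
From: Instagram <no-reply@mail.instagram.com>
To: user@example.net
Subject: New login to Instagram
Content-Type: text/html

<html><body><p>You logged in from a new device.</p>
<a href="https://www.instagram.com/accounts/login/">Review login</a></body></html>
"""


def domain_of(address: str) -> str:
    """Return the lowercased domain of an address like 'Name <user@host>'."""
    match = re.search(r"@([\w.-]+)", address)
    return match.group(1).lower() if match else ""


def is_trusted_host(host: str, trusted: set[str]) -> bool:
    """True if host is one of the trusted domains or a subdomain of one."""
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in trusted)


def extract_links(html: str) -> list[str]:
    """Pull every href target out of the HTML body."""
    return re.findall(r'href=["\']([^"\']+)["\']', html, flags=re.I)


def embedded_urls(url: str) -> list[str]:
    """Return URLs carried inside the query string, i.e. redirect-style links."""
    found = []
    for values in parse_qs(urlparse(url).query).values():
        found.extend(v for v in values if v.lower().startswith(("http://", "https://")))
    return found


def triage(raw: str) -> dict:
    """Inspect sender domain, link targets and wording; return the findings."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings: list[str] = []
    sender_domain = domain_of(str(msg["From"] or ""))
    if not is_trusted_host(sender_domain, TRUSTED_SENDER_DOMAINS):
        findings.append(f"sender domain not allowlisted: {sender_domain}")
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    for link in extract_links(text):
        host = urlparse(link).hostname or ""
        if not is_trusted_host(host, TRUSTED_LINK_DOMAINS):
            findings.append(f"link host not allowlisted: {host}")
        for inner in embedded_urls(link):
            findings.append(f"redirect-style link to {urlparse(inner).hostname}")
    for pattern in URGENCY_PATTERNS:
        if re.search(pattern, text, flags=re.I):
            findings.append(f"pressure language: {pattern}")
    return {"sender_domain": sender_domain, "findings": findings, "suspicious": bool(findings)}


if __name__ == "__main__":
    for name, raw in (("sample phish", SAMPLE_EMAIL), ("benign notice", BENIGN_EMAIL)):
        result = triage(raw)
        print(f"{name}: {'SUSPICIOUS' if result['suspicious'] else 'clean'}")
        for finding in result["findings"]:
            print("  -", finding)
```

The subdomain check in `is_trusted_host` is deliberately a suffix match on a dot boundary, so a lookalike such as `instagram.com.attacker.example` is not mistaken for a trusted host; the redirect-style check surfaces the real destination hidden behind an intermediary URL, which is the pattern the article describes for the appeal button.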

To protect themselves from these phishing scams, Instagram users are advised to be vigilant and not share their passwords or backup codes outside of the official app. If users suspect that they have been compromised, they should immediately change their passwords and generate new backup codes. This can be done within the Instagram app by going to Settings and Privacy > Accounts Center > Password and Security > Two-Factor Authentication > Select the Instagram account > Additional Methods > Backup Codes > Get New Codes.

It is essential for users to stay informed about the latest phishing techniques and to take proactive steps to protect their online accounts. By remaining vigilant and following best practices for online security, users can minimize the risk of falling victim to phishing scams and unauthorized access to their accounts.