A new Instagram phishing campaign has been found. Scammers are sending direct messages to Instagram users stating that they are on a so-called “Nasty List” or “You’re on Here.” If a user clicks on the profile link in the message, they are taken to a profile that has been created by an attacker. The profile usually has a name such as The Nasty, YOU’RE ON HERE or Nasty.List. The profiles will have a link to what looks like a legitimate Instagram login page. Scammers are hoping that the user will input their username and password so they can hijack the user’s actual account and change the login credentials for. Users can identify the fake profile by looking at the web address, it is located at nastylist-instatop50[.]me instead of the normal Instagram web address. Many companies use Instagram to promote their products and services, allowing attackers to obtain login credentials which can potentially compromise the fans and customers of the company.
Analyst Notes
If the user sees any message containing the above-mentioned statements, the user should delete the message immediately. Users are advised to never enter login information into any page that does not belong to Instagram.com. If a user has been hacked by the “Nasty List” and still has access to the account, the user should reset their password to a more unique and complex password. If the user loses their ability to log in, they will need to contact Instagram to correct it.
