Digitalization
07.01.2022 1037
You are hacking your Instagram account with a copyright trap
Fake copyright complaints disguised as real problems for Instagram users. Cyber security experts warned users about the danger of compromising their accounts using this new method.
The frequent theft and possession of content created and shared on the Internet is causing many platforms to put in place formal procedures for resolving and resolving copyright disputes. There are mechanisms on the Instagram social network that the complainant can use in the event of allegations such as content theft and fraud, and anyone who believes they have submitted an unfair complaint can appeal.
However, this system has been heavily abused recently. Sophos, a cybersecurity company, has warned users of cyber attackers trying to control targeted Instagram accounts amid reports of copyright infringement.
HOW DOES THE METHOD WORK?
The attackers send an email to the owner of the account they want to hack, which appears to have been sent through Instagram. The post mentions that you are interested in a copyright infringement complaint and you can click a link if you would like to appeal that complaint.
If you believe you have faced an unfair complaint and click the link to file an objection, you have taken the first step into the trap. If you enter your account password in the form open to object on the website you are visiting, you run the risk of blocking your account.
WHAT SHOULD BE DONE IN THIS CASE?
Here is a photo taken with Sophos security researcher Paul Ducklin of the trap.
- To object to Instagram copyright complaints, go directly to the relevant page on the website instead of clicking the links in the email sent to you. Do the same with other social networks and content sites that you use.
- Even if you accidentally visit an identity theft website, don't go any further. Think twice before entering any data in the forms that appear.
- Use a password manager and two-factor authentication whenever possible. Password managers will detect when you are visiting a fake website that you have never come across and prevent your password from being autofilled. The attackers' work is also made more difficult by two-factor authentication, where just a password is not sufficient to access the account.
- Talk to someone you know who has personally filed a copyright complaint. The information they share will help you distinguish between true and false complaints.