![]() At the same time, verification remains a mysterious and misunderstood process for many social media users. Impersonating social media brands makes sense for scammers and verification is the perfect lure to trick users into giving up their credentials and personal information. In fact, according to Vade’s own Phiser’s Favorite Report, social media companies are the fourth most phished websites of any industry with Facebook being the second most impersonated brand. Verification scams have become more popular as social media platforms like Instagram and Facebook have grown inside. Vade notes that the scammers behind the campaign did their homework and included each victim's actual Instagram handle in their phishing emails. This particular Instagram phishing campaign began on July 22 and more than 1,000 emails were sent out per day to potential victims. After the page refreshes, another field appears where users are prompted to input their password and login.Īfter this is done, a confirmation message appears with a bogus Case ID and tells them that the team will contact them as soon as possible with the average time being 48 hours. However, there are also several grammatical mistakes and punctuation errors which are a dead giveaway that this is a scam.Ī form prompts potential victims to enter their Instagram handle along with their name, email and phone number in order to be verified. This Badge Form page also tries to appear legitimate by copying the brand colors of Instagram and Meta’s logo. Here, the scammers hope that victims believe Instagram uses a different website besides its own to verify users. If a user ends up skimming through the email and clicking on the Badge Form button, they are taken to a malicious website with the domain name “teamcorrectionbadges”. Stealing user credentials and info with the promise of a blue badge The cybercriminals behind this new phishing campaign hope that Instagram users will be so excited about finally getting verified that they will overlook these details and click on the blue button at the bottom of the email which reads “Badge Form”. The email also tries to instill a sense of urgency by telling potential victims that “the form will be permanently deleted within 48 hours”. ![]() ![]() Several grammatical errors and typos appear throughout the email and Vade points out that it also includes a phrase commonly used by scammers: “Thanks, you instagram team”.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |