Security News > 2022 > September > Thousands lured with blue badges in Instagram phishing attack
Blue badges are highly coveted as Instagram provides them to accounts it verified to be authentic, representing a public figure, celebrity, or brand.
The spear emails in the recently observed phishing campaign inform recipients that they Instagram reviewed their accounts and deemed them eligible for a blue badge.
The messages feature Instagram and Facebook logos and inform the recipient that their account is eligible for a blue badge, urging them to click on an embedded button that would take them to the relevant submission form.
Thirdly, Instagram blue badges are reserved for notable public figures, celebrities, and brands, so regular accounts aren't eligible.
Campaigns targeting social media users with phishing emails are very popular and are not limited to Instagram.
To safeguard your account, Instagram offers two-factor authentication for additional security, so even if you give away all your details to phishing actors, losing access to your account would be more complicated.
News URL
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)