New phishing campaign targeting Facebook and Instagram influencers

Spanish authorities report the emergence of a new phishing variant targeting users of social media platforms like Instagram. According to the report, threat actors try to take control of influential accounts with a high level of interaction by sending fraudulent messages.

The campaign was deployed throughout April, with multiple users reporting that their accounts were subjected to phishing attempts through a simple but effective attack. The attackers reportedly impersonated Facebook or Instagram staff members, sending messages to the owners of the affected accounts to lure them to unsafe websites where their information would be stolen.

If users fell into the trap, control of their accounts passed into the hands of the hackers, who would subsequently demand payment of a ransom to return the accounts to their legitimate owners. It should be noted that most affected users had accounts with thousands of followers, so the loss of these profiles could even cause them legal problems or economic losses.

Spanish authorities informed users about this campaign via Twitter, inviting them to try to identify potential security risks via email.

A document subsequently shared by the National Police briefly describes how those responsible for this malicious campaign are operating once they have taken control of the target account:

  • The hackers change the email address associated with the affected profile
  • They subsequently disable the multi-factor authentication feature, if there is one
  • The username is changed multiple times so that users cannot track the account
  • Any attempt at account recovery is interrupted
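
A defender-side sketch of how the sequence above could be flagged in account audit logs. This is an added example, not code from the National Police document or the original article; the event names, the 24-hour window and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(hours=24)  # assumed correlation window after the email change
MIN_RENAMES = 2               # "changed multiple times"

# Constructed sample audit events: (timestamp, account, action).
# Account ids and action names are hypothetical.
EVENTS = [
    ("2024-04-12T09:00:00", "acct_a", "email_changed"),
    ("2024-04-12T09:02:00", "acct_a", "mfa_disabled"),
    ("2024-04-12T09:05:00", "acct_a", "username_changed"),
    ("2024-04-12T09:40:00", "acct_a", "username_changed"),
    ("2024-04-12T11:00:00", "acct_a", "recovery_failed"),
    ("2024-04-10T08:00:00", "acct_b", "email_changed"),     # lone change, benign
    ("2024-04-20T08:00:00", "acct_b", "username_changed"),  # outside the window
    ("2024-04-14T10:00:00", "acct_c", "email_changed"),     # account without MFA
    ("2024-04-14T10:10:00", "acct_c", "username_changed"),
    ("2024-04-14T10:30:00", "acct_c", "username_changed"),
]

def detect_takeovers(events, window=WINDOW, min_renames=MIN_RENAMES):
    """Flag accounts where an email change is followed, inside the window,
    by repeated username changes. MFA removal is recorded but not required,
    because the report says it happens only 'if there is one'."""
    by_account = defaultdict(list)
    for ts, account, action in events:
        by_account[account].append((datetime.fromisoformat(ts), action))

    findings = {}
    for account, evs in by_account.items():
        evs.sort()
        for start, action in evs:
            if action != "email_changed":
                continue
            later = [a for t, a in evs if start < t <= start + window]
            renames = later.count("username_changed")
            if renames < min_renames:
                continue
            findings[account] = {
                "email_changed_at": start.isoformat(),
                "mfa_disabled": "mfa_disabled" in later,
                "renames": renames,
                "recovery_failures": later.count("recovery_failed"),
            }
            break  # one finding per account is enough to raise an alert
    return findings

if __name__ == "__main__":
    for account, detail in detect_takeovers(EVENTS).items():
        print(account, detail)
```
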

DJ Fatima Haiji, who has more than 380,000 followers on her Facebook page, was one of the personalities affected by this campaign, going through all sorts of inconveniences when trying to recover her account.
