Hacked Instagram accounts seducing users with adult dating spam

Your Instagram account could have been spiced up by spammers.

Attackers are leveraging hacked Instagram accounts to tantalize unsuspecting users with adult dating spam.

Satnam Narang, a senior security response manager at Symantec, notes that for most of the hacked accounts he and his fellow researchers have come across, the compromise is all-encompassing. That means attackers modify the hacked accounts' username, write a different bio, and upload new pictures of a sexually suggestive nature, in addition to making other modifications.

For some reason, a few of the hacked accounts don't try as hard to close the deal. Those spammers don't change the username or upload any new pictures.

Whether born of indolence or inventiveness, that tactic is surely enough to ruin the romance along with someone's reputation on the social networking site.

That's not even the strangest part. In either case, the fraudsters never delete any pictures uploaded by the original account owners. Kinky? I think not.

Each hacked profile flirtatiously instructs users to click on a link. Doing so brings them to a website controlled by the attackers, where the scams reach their climax.

Narang explains what happens next:

"This site contain[ed] a survey suggesting that a woman has nude photos to share and that the user will be directed to a site that offers 'quick sex' rather than dating. Interestingly, this page only appears on mobile browsers. If the user tries to visit the URLs on a desktop computer or laptop, they are sent to a random Facebook user’s profile.

Once a user completes this survey, they are redirected to an adult dating website that contains an affiliate identification number. For each user that signs up to the site through this link, the affiliate, or in this case the scammers, will earn money."

For each breached account, the attackers change the associated passwords. That's no surprise; the scammers probably leveraged weak credentials combined with password reuse attacks to gain access in the first place.

Password reuse attacks have been on the rise in 2016. Over the past few months, Carbonite, Pandora, and GoToMyPC are just a handful of the sites that have instituted password resets after hackers targeted their users with password reuse attacks.

To protect against these types of campaigns, users should implement a strong password and two-step verification (2SV) across all of their web accounts. Those measures will help users defend their accounts against spammers, as will a refusal to click on suspicious adult dating links.

One Response

  1. coyote

    August 12, 2016 at 9:12 pm #

    Thanks for all the puns.