Instagram Users Hit by Wave of Password Reset Attacks Following Massive Data Breach
Instagram users are being hit by waves of unsolicited password reset emails, hours after a dataset said to contain the records of 17.5 million accounts was leaked.
The timing does not look coincidental: shortly before the reset emails began flooding inboxes, details of 17.5 million accounts had been posted on BreachForums, a forum long associated with the trade in stolen data.
How the Attack Works
Unlike phishing attacks that rely on forged emails, this campaign abuses Instagram's own password reset feature. The attackers feed the leaked usernames and email addresses into the reset form, and Instagram itself sends the genuine "Reset your password" email to each victim. The messages are authentic, come from Instagram's real mail infrastructure, and will pass any sender check, because nobody spoofed anything; the only thing the attacker supplied was the victim's identifier.
The scam is social engineering rather than a technical exploit. An unexpected reset notice from a trusted sender creates pressure to act quickly, and the attackers are counting on the recipient to act on it hastily; that hasty reaction is what leads to the account being compromised.
What many recipients overlook is a line in the email itself: "If you ignore this message, your password will not be changed. If you didn't request a password reset, let us know." A reset request that is never acted on changes nothing about the account.
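The pattern described above, many resets triggered for many accounts from the same source, is visible on the platform side long before users start complaining. As an added example (not code from the article or from Instagram), here is the detection logic a platform could run over its password-reset request logs to spot both a source mass-triggering resets and an individual account being hammered. The log format, the event name `password_reset_requested`, the sample lines, and the thresholds are all assumptions constructed for this example.

```python
"""Server-side detection of mass-triggered password reset requests.

Added example, not Instagram's code. The log format is an assumption:
one line per event with an ISO-8601 UTC timestamp, an event name,
the account and the requesting source IP.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<event>\S+) acct=(?P<acct>\S+) ip=(?P<ip>\S+)$"
)
RESET_EVENT = "password_reset_requested"  # assumed event name

# Constructed sample log lines (RFC 5737 documentation addresses).
# 203.0.113.7 fires resets for six different accounts in 22 seconds,
# 'dave' receives three reset requests from three sources in 8 minutes,
# and 'grace' triggers a single reset herself after logging in.
SAMPLE_LOGS = """\
2024-03-01T09:00:00Z password_reset_requested acct=alice ip=203.0.113.7
2024-03-01T09:00:04Z password_reset_requested acct=bob ip=203.0.113.7
2024-03-01T09:00:09Z password_reset_requested acct=carol ip=203.0.113.7
2024-03-01T09:00:13Z password_reset_requested acct=dave ip=203.0.113.7
2024-03-01T09:00:18Z password_reset_requested acct=erin ip=203.0.113.7
2024-03-01T09:00:22Z password_reset_requested acct=frank ip=203.0.113.7
2024-03-01T09:01:00Z login_success acct=grace ip=198.51.100.20
2024-03-01T09:02:30Z password_reset_requested acct=grace ip=198.51.100.20
2024-03-01T09:05:00Z password_reset_requested acct=dave ip=198.51.100.31
2024-03-01T09:08:00Z password_reset_requested acct=dave ip=198.51.100.32
"""


def parse_line(line):
    """Parse one log line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return {"ts": ts, "event": m["event"], "acct": m["acct"], "ip": m["ip"]}


def max_in_window(stamps, window):
    """Largest number of timestamps that fall inside any interval of length `window`."""
    stamps = sorted(stamps)
    start, best = 0, 0
    for end, ts in enumerate(stamps):
        while ts - stamps[start] > window:  # slide the window's left edge forward
            start += 1
        best = max(best, end - start + 1)
    return best


def detect_reset_abuse(log_text, window=timedelta(minutes=10),
                       per_ip_threshold=5, per_account_threshold=3):
    """Flag source IPs that mass-trigger resets and accounts being hammered with them.

    Returns {"mass_requester_ips": {ip: {"burst": n, "distinct_accounts": k}},
             "targeted_accounts": {acct: n}}. Thresholds are illustrative.
    """
    events = [e for e in map(parse_line, log_text.splitlines())
              if e and e["event"] == RESET_EVENT]

    by_ip = defaultdict(list)
    by_acct = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e)
        by_acct[e["acct"]].append(e["ts"])

    mass_ips = {}
    for ip, evs in by_ip.items():
        burst = max_in_window([e["ts"] for e in evs], window)
        if burst >= per_ip_threshold:
            mass_ips[ip] = {"burst": burst,
                            "distinct_accounts": len({e["acct"] for e in evs})}

    targeted = {}
    for acct, stamps in by_acct.items():
        burst = max_in_window(stamps, window)
        if burst >= per_account_threshold:
            targeted[acct] = burst

    return {"mass_requester_ips": mass_ips, "targeted_accounts": targeted}


if __name__ == "__main__":
    from pprint import pprint
    pprint(detect_reset_abuse(SAMPLE_LOGS))
```

The per-source signal is what would justify rate-limiting or blocking the reset endpoint for that requester; the per-account signal is what would justify proactively telling the user that resets they did not ask for are being requested, which is exactly the "let us know" path the email points to. Real thresholds would be tuned against a platform's own baseline of legitimate retries.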
Protecting Your Account
Experts recommend two measures. The first is two-factor authentication: even if attackers manage to trick a user into resetting a password, they still cannot log in without the second factor. The second is handling unsolicited reset emails correctly.
Users receiving unexpected password reset emails should:
🔹Take a moment to read the message carefully before clicking anything
🔹Ignore the reset request if they didn't initiate it
🔹Report the suspicious activity to Instagram
🔹Enable two factor authentication immediately if not already active
🔹Monitor their accounts for unusual activity
With some 2 billion monthly active users, Instagram is a highly lucrative target. This email-borne campaign underlines the need for strong account protection and for caution about social engineering even when an email is perfectly genuine.
Neither Instagram nor any other party has issued an official statement on the claimed breach, nor on the sudden surge in password reset requests.
Two Factor Authentication: Your Defense Against Instagram Account Takeover
With millions of accounts targeted by password reset requests, Instagram is now urging users to check their 2FA settings.
According to Instagram's support documentation, a password reset request does not by itself indicate a hack; it may simply be user error. But the timing of this wave, only hours after 17.5 million account records appeared on BreachForums, points to a coordinated campaign.
Instagram has enabled 2FA for all creator accounts, so a login from an unrecognised device requires a fresh verification code. No matter how many times a password is reset, an attacker who does not hold that code still cannot get in.
All Instagram users are advised to review their 2FA settings immediately and confirm that 2FA has not been disabled. Users who are already locked out of their accounts are directed to Instagram's account recovery process on its help pages.