skip to Main Content

At The Identity Organisation, we're here to help!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Bitcoin Scam Videos on Instagram are Part of an Elaborate Account Takeover Scam

    British Scam Video Instagram

    This elaborate scam uses social engineering to trick victims into sending the hacker Bitcoin while holding Instagram accounts hostage.

    It’s an interesting use of hacking skills. According to a recent story on Motherboard, hackers are taking over Instagram accounts using spoofed Instagram logon pages and promising to release the hostage account to its owner if they create a video promoting a bitcoin scam in which the Instagram victim states they “invested” in bitcoin and are getting amazing returns on their investment.

    1636140455302-emma

    Source: Motherboard

    Instead of releasing the account, the hackers share the video in an attempt to get account followers to send the hacker Bitcoin (with no return on their “investment”, of course).

    We’ve seen attacks like this previously on Twitter, with high-profile accounts being hacked to promote these same kinds of scams. But the video angle (especially if the account owner puts some effort into make it seem legitimate) is an interesting form of hostage-based social engineering. I’m wondering if ransomware actors may take to this tactic, forcing victim organizations to get followers on social media to do something similar.

    The crux of these attacks start with a credential attack on the influencer’s Instagram account. Whether it’s password spraying or a credential theft attack, individuals who as savvy to the ways of these kinds of attacks through Security Awareness Training will have strong and unique passwords for accounts, as well as won’t fall for spoofed logon pages.


    Request A Demo: Security Awareness Training

    products-KB4SAT6-2-1

    New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW

    close

    Sign Up to the TIO Intel Alerts!

    Back To Top