If you receive a direct message or email on Instagram claiming that a copyright infringement has taken place on your social media account – be warned, it’s almost certainly a nasty scam. The Facebook-owned firm has mailed-out an alert informing all users they should be on the lookout for any messages claiming to be from the photo-sharing app.
In a post on Twitter, Instagram said: “You may get emails that LOOK like they’re from Instagram, but they’re not.”
The bogus message, which was shared with Instagram’s warning on Twitter, suggests users have infringed copyright and must provide feedback or face losing their account permanently.
This worrying warning is followed by a fake link which, if clicked, takes the user to a fake web page where the hackers are then able to steal account names and passwords. Instagram has confirmed that it will never direct message any of its users about things such as copyright violations or ask for any personal details including passwords. The firm then goes on to warn users that they should not click on the link or reply to any messages.
If for any reason Instagram does need to contact you it will be sent via the “Emails from Instagram” section in settings. To find this part of the app simply head to Settings > Security > Emails from Instagram.
The firm is also now advising all users to switch on two-factor authentication, which means you’ll need to receive a text message before someone logs into your account on a new machine. The message will include a unique code which then needs to be typed in before access is gained.
This should mean even if hackers get your password they won’t able to use it without also getting hold of your smartphone. To turn on two-factor authentication head to settings > Security > Two-factor authentication.
It’s unclear how many people have been targeted by this latest threat, but it’s worth taking note as it could leave your account in the hands of hackers.
Instagram has published a full list of things to do to keep your account safe which include:
• Pick a strong password. Use a combination of at least six numbers, letters and punctuation marks (like ! and &). It should be different from other passwords you use elsewhere on the internet.
• Change your password regularly, especially if you see a message from Instagram asking you to do so. During automated security checks, Instagram sometimes recovers login information that was stolen from other sites. If Instagram detects that your password may have been stolen, changing your password on Instagram and other sites helps to keep your account secure and prevent you from being hacked in the future.
• Never give your password to someone you don’t know and trust.
• Log out of Instagram when you use a computer or phone you share with other people. Don’t check the “Remember Me” box when logging in from a public computer, as this will keep you logged in even after you close the browser window.
• Think before you authorise any third-party app.