What Is a Fake Infringement Notice Attack?

Bad actors have recently launched a new campaign targeting Instagram users with phishing e-mails.

The phishing campaign hinges on one commonly used social engineering trick: scaring the victim into submission. The bad actors send e-mails from a fake Instagram support address and attempt to scare the victim into thinking their Instagram account is about to be taken down because of some sort of copyright infringement.

The fake support e-mail contains a link to a malicious phishing site, set up to mimic Instagram's real login portal. If the victim clicks the link and enters their credentials, they simply hand over their password to the hackers.

Old tricks, new scheme

Similar "copyright infringement" attacks have been used in the past, with very similar bait. The bad actors usually target relatively popular accounts with lots of followers where potential closure of the account would be a big deal, and hope the victim goes for the bait.

Of course, as with most phishing campaigns, there are a number of red flags that are easy to spot in the original phishing e-mail. First of all, the address of the sender is not that of Instagram support, even though it attempts to mimic it.

The very obvious issue with the address the bad actors used is that its domain is instagram dot team and not instagram dot com. Checking simple things like that can save you a lot of headaches when dealing with suspicious e-mails.

The text of the fake warning message about account suspension also has multiple very obvious grammatical errors in it - something that you will not find in official, real correspondence from a huge company.

Even though similar phishing campaigns are launched on a daily basis, they are usually easy to avoid. All you need to do is check the address the e-mail came from, watch out for irregularities and always check links by hovering over them before you click anything.
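
The sender-domain and link checks described above can also be run automatically over a message. The following Python code is an added example, not part of the original article; the allowlist, the function names and the sample message are assumptions constructed for illustration.

```python
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the set of domains treated as legitimate for the brand.
OFFICIAL_DOMAINS = {"instagram.com"}
BRAND = "instagram"


def is_official(host):
    """True if host is an official domain or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


class LinkCollector(HTMLParser):
    """Collects the href of every <a> tag, i.e. what hovering would reveal."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)


def red_flags(from_header, html_body):
    """Return a list of human-readable warnings for one message."""
    flags = []
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    if not is_official(domain) and (BRAND in display.lower() or BRAND in domain):
        flags.append(f"sender domain '{domain}' imitates {BRAND} but is not official")
    parser = LinkCollector()
    parser.feed(html_body)
    for href in parser.hrefs:
        host = urlsplit(href).hostname
        if host and not is_official(host):
            flags.append(f"link points to '{host}', not an official domain")
    return flags


# Constructed sample message (not the real phishing e-mail).
SAMPLE_FROM = "Instagram Support <support@instagram.team>"
SAMPLE_BODY = '<p>Your account will be closed. <a href="https://login.example/appeal">Appeal on instagram.com</a></p>'

if __name__ == "__main__":
    for flag in red_flags(SAMPLE_FROM, SAMPLE_BODY):
        print(flag)
```

The comparison is made on the whole host name, so a lookalike such as instagram.com.evil.example is not accepted just because it starts with the real domain.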

October 29, 2020
