Securing your social media accounts is extremely important. It is best to use every security tool that the platform has given you. But what if these tools fail to do what they are supposed to do?
People use Instagram for different things. Many of us use it just to look at aesthetic photos and be updated on what’s going on with the people we love. Others go to Instagram for entertainment, especially now that Instagram Reels are a thing.
But some use the platform for more important things. For example, influencers use Instagram to make a living. Meanwhile, celebrities use it to communicate with their fans. Likewise, businesses, large and small, use Instagram to connect with their customers.
No matter why you are on Instagram, it is no good if you lose access to it. Or worse, if someone like this Reddit thread details it stolen from you. Your hacker can use your account to scam people. And because this is your account they’re using, they might think it’s you.
Moreover, your Instagram account contains your private information. Hackers who have access to that can put you at risk.
However, we cannot stress enough how important it is to make your Instagram account as secure as possible. Enabling Two Factor Authentication is one of the best things you can do to avoid getting hacked.
What is two-factor authentication
Two-factor authentication is your second line of defense after your password. Let’s say a hacker knows what your password is. They can use that to log into your Instagram account. They have successfully accessed your account if two-factor authentication is not enabled. On the other hand, they have to go an extra step if you have the feature enabled.
Instagram will ask them to provide a code because they are logging in from an unknown device. what’s the code The one that Instagram will send you when it tries to log in. They can only get that if they have your phone or they ask you to give them the code. Needless to say, you shouldn’t give them that.
Thus, enabling two-factor authentication is one of the most effective ways to prevent hacking.
How to enable two-factor authentication on Instagram
Log in to your Instagram account and tap your profile picture in the lower right corner of the screen. Then, tap on the hamburger menu and select Settings. Click on “Security” and select “Two-Factor Authentication”. Choose “Get Started”.
You can set the feature to send the code to your phone via text message. Alternatively, you can select a standalone authentication app, such as Google Authenticator or Duo Mobile.
New hacking methods
Hackers can make workarounds to gain access to your account without the need for the code from two-factor authentication. But these methods can be complex.
If you log into Instagram with your friend’s phone after setting up 2FA, you’ve marked that device as trusted. Therefore, you will not need a code again if you log in with this device. However, hackers can access your account if they steal your friend’s phone.
Of course, this also applies to your phone or computer. Hackers can also access your Instagram account if they gain access to it.
But this requires them to steal your devices or devices that you used to log into your Instagram account. And although some hackers are also thieves, not all of them are like that.
However, hackers are getting smarter, ZDNet’s Stephen Vaughan Nichols reports. They hacked his account and bypassed 2FA without issues. And the way they used it was unheard of.
ZDNet’s senior contributing editor said hackers accessed his account using a photo he had sent. He says he received a reasonable letter from one of his friends. The message contained a link to reset their account. Stephen is wise enough not to click that. But the thing is, his friend didn’t ask him to click on it. Instead, his friend asked him to send a screenshot of the message, including the link. He did it because it seemed harmless – the reset link was to his friend’s account, not his. Unbeknownst to him, however, he has just opened Pandora’s Box.
The hackers used a combination of the image URL and its response to obtain enough information to access his account.
Two-factor authentication failed
Stephen says he knew something was wrong. He received an email asking if he wanted to change the phone number associated with his account to one from Nigeria. But he just ignored it because he enabled two factor authentication.
However, he begins to panic when the following events don’t go as he thought. Instead of sending an email with an “undo this change” link, he got a message that said “how to secure your account”. This link brought him to the Instagram page of the hacked accounts. Stephen says it wasn’t helpful at all.
Then, he received another email saying that his account was now linked to a new Gmail account. Again, Instagram didn’t give him a chance to get back into shape.
Stephen says he did everything he could to regain access to his account. Request login links using the mobile application and contact technical support in Instagram – a Facebook page. Also, he wrote to his Instagram PR with an introduction about his identity. Unfortunately, none of these fruits bore fruit.
The journalist’s case is not the only case where two-factor authentication failed to protect an Instagram user’s account. Bored Ape Yacht Club, a leading NFT pool, has been the victim of a phishing attack. Apart from them, many corporate and user accounts have been hijacked even though two-factor authentication is enabled.
The lesson here is not to feel too comfortable having two-factor authentication enabled. It seems that Instagram has not yet mastered this feature, and hackers can exploit its vulnerabilities. Therefore, your best bet is still to be careful about what you do and what you share. The rule of thumb is to never do anything fishy anyone tells you on Instagram.
How and why do hackers break Instagram’s 2FA to get more Instagram followers?
One of the main reasons hackers choose to break the rules on Instagram is the allure of fame and influence. Many users on the platform are eager to have a large number of Instagram followers, as it is often considered a symbol of fame and social status. Hackers, in turn, capitalize on this desire by compromising other users’ accounts and using them to gain more followers for themselves. This is done by posting content on the hacked account, following other users, and even buying followers.
Another motive for hackers is financial gain. They may use hacked accounts to promote products or services, or to sell access to the account for a profit. In addition, hackers may use compromised accounts to spread malware or phishing links, which can be used to steal personal information or money from unsuspecting users.
Another technique used by hackers is “brute force” attacks, where they use automated scripts to guess login credentials by trying thousands of combinations of usernames and passwords in a short period of time. This is why it is so important to use a strong, unique password and enable two-factor authentication.
Hackers also use malware to gain access to user accounts. They can install malware on a device that records the 2FA code when it is received, malware that can intercept text messages or phone calls, or control the device remotely.
It is worth noting that Instagram has a black market where hackers can buy and sell account credentials, and this is an effective tool for them to gain access to more user accounts.
date: January 28, 2023 / Categories: interesting, / Author: Drees rich