Category Archives for Facebook related

2 friends scam

Beware, New Two Friends Instagram Scam

Have you received a strange message from one of your insta friends asking for help? I have, and here is why. There is a new instagram scam going around. One of your contacts will contact you with a simple request; ‘Please I need your help 😭🙏🙏’. From here, you are led to believe that their account has been locked. They have also had to choose from two friends that are able to get the account back.

 

Here is the hook..

From here, once you reply to them the scam begins. The person you are talking to is not actually your friend or contact that you think it is. This account has already been compromised. The person you are talking to a very persuasive hacker.

It sounds like a very innocent request from one of your friends and you will want to help them. They will start by explaining that they have just purchased a new iPhone. When your friend changed over to the new phone they were locked out of their instagram account. You can imagine this happening! You have had a similar problem in the past. So you wouldn’t want your friend to be locked out of their account would you?

 

2 friends scam

Only two friends can help you

The 2 friends part of the scam is very ingenious, because when you do a search for ‘instagram 2 friends’ you will find a very legit looking post about instagram testing the ability for users to choose two friends to send a notification to. These friends can then help to verify the user’s identity. Reading the post in the image below from early in February will be the next step in your guard coming down.

scam security

In the next step in this scam, the scammer will convince you that a notification will be sent to you. This will help them reset their account. Little do you know, this notification will actually reset your own account. If you agree past this point, you will receive a text message containing a link. The scammer will strongly urge you not to click this link, but to take a screenshot of the link and send it to the scammer.

No phone number, no problem!please help scam

If you don’t have a phone number attached to your account the scammer needs to add another step into the maze. I have found that this is somewhat of a deterrent for the victim. People are not always willing to give out their phone number. If you don’t have your phone number attached you will receive a message like this.

 

insta scam message

The final piece of the puzzle

You think that this is the final piece of the puzzle that will help your distressed friend to get their account back. What is really happening you say? The scammer has tried to login to your account and the message you received is actually the link that you would receive if you yourself had forgotten your own password and needed to reset it. So you happily oblige to the request and forward the screenshot to the the scammer that you still think is one of your friends.

Minutes later you will be locked out of your own account. You can’t understand how or why this happened. In those few minutes your accounts name will change slightly with 1 or 2 underscores added to it so as not to bring attention to your contacts and 2 factor authentication will be activated. You will also be receiving emails about this as it happens via the email address listed in your account.

insta scam 2What happens next?

By this time you have realised what happened and issued a warning to all of your friends on Facebook. The people close to you will know that you don’t ever post anything about crypto scams and may even forward you images of what your stolen account is posting.

Within 24 hours your stolen account will post a story advertising some crypto scam. Similar or possibly exactly the same as the one here.

Within 48 hours the account will start contacting your friends and followers. They will use the same tactics that they used on you. There is no way for you to warn most of your contacts, and you will feel terrible that you have left your friends open to this scam.

Where do we go from here?

There are ways for you to get your account back! But it is difficult. And in most cases it will not work. As soon as the scammers have access to your account they have changed the password and activated the two factor authentication which makes it doubly hard to get the account back.

The phone number attached to the account will changed. Also your email address will get changed. Your old phone number, if attached to your account will remain, so you are able to use it as part of your reset procedure. The only option I have been able to find to possibly recover the account is by submitting a selfie video. This will only work if you have photos on your account that clearly show your face.

Follow the ‘Forgot Password’ procedure

The way to do this is to use the forgot password procedure, and follow the prompts. First will be to choose your phone number from the list. Secondly, you won’t have the option for the email because it will have been changed, so you will need to click ‘try another way’ until you arrive at the ‘submit selfie video’ option.

This can take time, and won’t happen over the weekend. If your selfie video identification is successful you will be emailed with the information required to reset it.

How can you avoid this happening to you?

Be vigilant

If it doesn’t feel right, then it probably isn’t right. Do some research, but don’t stop at the first article you read and draw your conclusion from there. Had I scrolled a little further down my google search, I would have found this article  by the Independent which explained the scam.

Find another way to contact your friend

I wasn’t actually a friend on facebook with the person that owned the account that hacked me. I simply sent this person a message along with a friend request and my fears were confirmed minutes later. Contact your friend some other way and confirm they really need help.

Set up two factor authentication

I can’t stress this enough now that this has happened to me. Set up the two factor authentication on your account today. When you receive the back-up codes, keep them safe. You will need them when you log in on a new device.

Don’t trust anyone

Don’t trust anyone on the internet whether you think you know them or not. You will never know if it is actually your trusted friend on the other end.

I hope this article has helped you or someone you know. Feel free to leave a comment below and tell me about your experience on this. Did something different happen to you?