Recent Posts

Recent Blog Posts

The PhishLabs Blog

PhishLabs discovers Instagram phishing site

Posted by John LaCour on Apr 18, '12

PhishLabs has discovered a phishing site targeting Instagram users:

InstagramPhish

 

It is not clear if the intention of the responsible miscreants is to steal photos, email credentials, or Facebook credentials. It is probably the latter given the phishing site redirects to Facebook after stealing an email address and password. However, it does seem clear that with Facebook’s announced acquisition of Instagram all over the news lately and the rise in popularity of the photo sharing service, attackers have found a new brand to abuse.

But it is important to note there is nothing really special about Instagram to cyber-thieves. This incident is part of a trend of attackers using the brand name of any well known company as part of the lure. Many other companies that do not even have a consumer online presence have been used in phishing lures in recent months. Examples include real estate agencies and fast food chains. 

In the future, we anticipate that virtually all well known brands will be used in phishing campaigns for no other reason than to leverage the trust in the brand to trick the user into divulging credentials or infecting themselves with malware.

As always, Heads-Up: Stop, Think, Click (or don’t!).

Topics: Phishing, Threat Analysis

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all