Scammers are faking Instagram copyright infringement notices in order to steal user's login details, according to a new report by security firm Kaspersky.
Using an official Instagram email header complete with logo, and an unofficial email address that looks surprisingly official (for example, firstname.lastname@example.org), the email informs users that they have violated copyright laws and that if they do not verify their account within 24 hours, their account will be deleted.
As is the usual tactic with scammers, the message is complete with many spelling and grammatical errors, designed to filter out the less gullible and hook in those that either isn't proficient in English or simply did not look carefully enough.
With many Instagram users relying on the social media platform as their main source of income, the threat of having their account suspended or even deleted is usually enough to make them especially pliable to the scammer's tricks.
Once users click on the Verify Account link, they're taken to an official-looking page where they are given the option to appeal the decision. They are then asked to input their real Instagram username and passwords, and in some cases, are even asked to enter their email account username and passwords for good measure.
Scammers then collect this information and either sell them on the black market or use them for identity theft and blackmail purposes.
Users should always be careful in examining links within emails and be wary of official-looking websites that use unfamiliar domain names. Kaspersky has also compiled some other tips when it comes to detecting fraudulent emails at the end of this article.
Users can also contact Instagram support directly from within the app if they wish to verify any issues.