Instagram users posting photos with popular hashtags like #throwbackthursday are being targeted by scammers offering free Instagram followers. These scammers are using the offer to phish for Instagram login credentials and drive users to survey scams.
Figure 1. Compromised account comments with links to free follower accounts
click_here_get_###_followers
The scam accounts are leaving comments on pictures found through popular hashtags like #throwbackthursday with links to an assortment of accounts advertising free followers.
Figure 2. Instagram account offering free followers and likes
These accounts have not posted any photos of their own and simply contain a short bio directing users to a link to get free likes and follows. They all follow the same naming convention:
- CLICK_HERE_GET_###_FOLLOWERS
The numbers climb all the way up to 343. It’s unclear if the scammers registered nearly 350 accounts or if those numbers are randomly generated. During our investigation, we found over 40 active free follower accounts.
Figure 3. Multiple, active scam accounts offering free followers
Phishing for Instagram accounts
If the user clicks through on the links found on these free follower accounts, they are redirected to a site that looks just like a real Instagram login page. However, it’s not the legitimate Instagram login page and is hosted on another site.
Figure 4. Instagram phishing site
It seems likely that the scammers are capturing these Instagram login credentials in order to leverage more compromised accounts to drive traffic to their free follower accounts.
Survey scams
While most of the links we found on these free follower accounts lead to phishing sites, some lead to a website offering free Instagram followers and likes. Ultimately, users are directed to a survey scam which is backed by an affiliate program.
Figure 5. Affiliate backed survey scam site
This particular site called “Followers Now” asks for a user name and the number of likes and followers the end user wants. It presents a fake console designed to trick the user into thinking that the website is legitimate and can deliver followers and likes to them. Before it does this, it prompts the user for human verification.
Human verification is a common theme used in survey scams. Scammers use this as a way to convince the user that they need to perform an action, in this case filling out a survey, or installing an application on their phone before they can receive their prize, gated content, or free likes and followers. As you might expect, even if the user completes the survey, they never end up getting what they asked for.
There is no such thing as free
When it comes to social media, nothing is ever truly free. Be wary of offers for free likes or followers on Instagram. If a link leads to a web page that looks like Instagram, attempt to verify its legitimacy before logging in, as it’s likely to be a phishing site trying to steal your account credentials. Finally, if you end up on a site that asks you to verify that you’re a human being, close the tab.
During our investigation, we discovered that the phishing site had an open directory, which hosted a file containing account credentials for nearly 500 Instagram users.
We contacted Instagram about this issue. Instagram has identified and cut off the source of this particular scam. The company has taken steps to return control of any impacted Instagram accounts to the proper owners.