Phony Instagram ‘Support Staff’ Emails Hit Insurance Company


A phishing campaign used the guise of Instagram technical support to steal login credentials from employees of a prominent U.S. life insurance company headquartered in New York, researchers have revealed.

According to a report published by Armorblox on Wednesday, the attack combined brand impersonation with social engineering and managed to bypass Google’s email security by using a valid domain name, eventually reaching the mailboxes of hundreds of employees.

Scam Looked Identical to Instagram

The attack began with a simple email. Disguised as an alert from Instagram’s technical support team, it indicated that the recipient’s account was under threat of deactivation. The intention, according to the report, was “to create a sense of urgency while instilling trust in the sender.”

“You have been reported for sharing fake content in your membership,” read the body of the email. “You must verify your membership. If you can’t verify within 24 hours your membership will be permanently deleted from our servers.” This message fostered a sense of urgency, to goad the unsuspecting into clicking on a malicious “account verify” link. Targets who did so ended up on a landing page, where they were asked to submit their Instagram account login information. That information would go straight to the malicious actor, of course, unbeknownst to the target themselves.
