Many Instagram users may have found their accounts ‘hijacked’ in recent days after hackers tricked AI chatbots.
Instagram has recently been hit by hackers, which saw users being locked out of their accounts.(Image: Andrew Harrer/Getty Images)
The majority of people nowadays use social media to catch up on the news, send videos to pals, and update other users on their recent trips or milestones. While the apps are great for keeping people connected, they also leave many people vulnerable to be attacked by scammers.
One of the latest targets of cyber crooks was Instagram, which reportedly saw many users being locked out of their pages after hackers were able to trick AI into gaining access to other users’ accounts. Thankfully, the issue has now been resolved.
As a result, Instagram has issued advice for users on its help page for how to recover their accounts if they think they have been hacked or taken over. On top of this, the Meta app has shared some useful insight into how users can avoid being tricked by phishing scams, which is another trick hackers use on social media.
The latest attack on Instagram reportedly saw hackers being able to steal other user’s accounts by faking their location and then asking the app’s AI support to change the emails associated with them, reports the BBC. A Meta spokesperson has now stated that the issue is “resolved and we are securing impacted accounts”.
The new AI support was pushed out on Facebook and Instagram in March by Meta, which has the ability to reset passwords and perform other critical account maintenance functions for users. The feature is advertised as providing “solutions, not just suggestions”.
Videos have also been shared on social media to show how easy the hack could take place. One clip shared by cybersecurity researcher Dark Web Informer on X showed someone searching for the username through Instagram’s recovery process.
Showing that the person was using a virtual private network (VPN) to hide their location, the hacker simply selected the account they wanted to access and then sent a message to Instagram’s Meta AI support assistant asking it to link a new email to the account with a verification code.
The chatbot was then seen to follow the request. After the code was sent to the hacker’s email, they also received a link to change the password of the other user’s account.
Get Daily Record Premium for just £1 per month in exclusive offer to celebrate the World Cup
What to do if you think your Instagram account has been hacked
Instagram has a variety of recovery steps available that users can try if they think their account has been taken over. The first step is to go to the app’s hacked page, where you can input your username, phone number or email address to help identify the account.
From there, you can request a login link by clicking Forgotten Password? and entering your login information. After that you must complete the captcha to confirm that you are a real human. After selecting your email or phone number, users are advised to follow the on-screen instructions they are sent.
If this fails to work, you can request a security code by tapping Can’t Reset Your Password? below the Send Login Link. This security code should then be sent to your phone or email address to regain access.
If you have tried to gain access through support, you may be asked to take a video selfie if your account has photos of you. This video will involve turning your head in different directions to help support check that you are a real person and confirm your identity.
How to avoid falling for phishing scams
A popular trick performed by scammers for social media accounts is a phishing scam. This is when someone tries to access your account by sending you a suspicious link or message that asks for personal information. These messages may claim that your account will be banned or deleted if the instructions aren’t followed.
Instagram advises that users should not trust any messages that are demanding money, offering gifts or threatening to delete the account. You can confirm that the email address is affiliated with Meta by checking the email address, which may include:
- [email protected]
- [email protected]
- @business.fb.com
- @support.facebook.com
- @fb.com
- @meta.com
- @account.meta.com
The app also advises that users should not click any suspicious links and do not respond to the messages. It is also crucial to add two-factor authentication to the account for added security.
