- The new scam operates in a similar manner as the recent ‘The Nasty List’ scam.
- The scam begins with Instagram users receiving a message regarding a list of their ‘hot’ photos on Instagram.
A new phishing scam called ‘The Hotlist’ has been found targeting Instagram users lately. This new scam operates in a similar manner as the recent ‘The Nasty List’ scam.
How does it work - The scam begins with Instagram users receiving a message regarding a list of their ‘hot’ photos on Instagram. The message reads something like, "I just saw a few of your photos on the @The_HotList_95 and they are already upvoted to #26!".
Once the recipients visit the message sender’s account, then they are displayed with a post that says ‘Everyone Is On Here Look’ and includes a description along with a link that reads ‘Check what position you're in!’.
If users click on the link, then they are taken to a fake Instagram login page that is used by scammers to steal login credentials. The link typically ends with .me domain, Bleeping Computer reported.
What are the impacts - The scam is being used to steal Instagram account details of users. Once the scammers grab the login credentials, they can use them later to send further phishing messages to other Instagram users.
How to stay safe - Users can avoid falling victim to such Instagram phishing scams by:
- Not entering their login credentials if they are on a page that does not belong to the Instagram website;
- Verifying the profile of the sender/source before sharing any personal information;
- Ignoring message from an unknown source that asks you to share sensitive details as it can be a phishing scam.