The Instagram account of a small business owner in Vancouver was recently taken over in a disturbing new scam where hackers gain access to a user’s account and attempt to cheat on their contacts – all while posting about bitcoin mining.
Anita Sikma has been designing custom jewelry for the past 15 years and Instagram has been an important way for her to attract clients, showcase her portfolio and interact with clients. Losing access to her account while watching the hacker try to impersonate her was incredibly stressful — and on top of that, she says Instagram hasn’t done much to help.
“It’s just been a total nightmare,” she said. “This is my livelihood, and it’s completely compromised.”
It all started Saturday morning when Sikma received a message from a friend in Toronto asking for help in logging into her Instagram account again. Not knowing that the friend’s account had been hacked, Sikma had to do it.
A text message arrived on Sikma’s phone from a five-digit number with a link to supposedly access an Instagram account. Sikma was told not to click, but instead take a screenshot of the message and send it back to her friend via Instagram.
But then an email arrived from Instagram saying that someone had logged into her account in Toronto. She tried to say she wasn’t the login, but the hacker had already changed the email address and phone number of both her personal and business accounts.
The hacker started posting about bitcoin mining, sharing photos of a $10,000 wallet balance and a Mercedes SUV. On stories, the hacker encouraged her followers to message external coaches to achieve a high return on their own.
In addition to the public messages, the hacker also sent many of its customers directly. They tried to get the customers to send money via bank transfer, ostensibly for one of Sikma’s rings. In one case, they even told a customer not to use Sikma’s e-transfer email that they had used for a previous purchase.
You know that bitcoin mining Instagram hack doing the rounds? Here’s what’s happening in the DMs:
Hacker imitates this jewelry designer who tries to cheat her customers out of hundreds pic.twitter.com/Ec05cgy5Pk
— Megan Devlin (@MegDevlinn) Apr 28, 2022
“It’s creepy…just knowing that this person messages everyone on my contact list, just picks up conversations that had stopped with customers and pretends to be asking me for money. It’s just really scary because it’s also fraud.”
Daily Hive requested a response from the hacker, but they did not respond. The accounts the hacker tagged in their stories are no longer active.
Instagram hacks leading to bitcoin scams are becoming more common, Canadian Anti-Fraud Center spokesman Jeff Horncastle told Daily Hive. The Instagram user usually receives a message from a friend asking for help resetting their password, and the suspect sends a reset link.
But when the victim clicks on the link, the suspect gains access to his Instagram account – which the hacker uses to trick his contacts into an investment scam.
The CAFC didn’t have a total for the number of times this fraud was reported, but it did say that investment scams had the highest reported dollar loss in 2021 — with victims losing a total of $164 million.
“The majority of investment scam reports involve Canadians investing in cryptocurrency after seeing a deceptive ad. It usually involves victims downloading a trading platform and transferring cryptocurrency to their trading account,” Horncastle said. “In most cases, victims cannot withdraw their funds. It is very likely that many of the trading platforms are fraudulent or run by fraudsters.”
The CAFC advised users to beware of deals that seem too good to be true, unsolicited messages, and people communicating with a sense of urgency.
As for Sikma, she resorted to starting a new account when multiple requests to Instagram’s Help Center went nowhere. But on Wednesday night, the situation changed when a Meta employee helped her regain access after Daily Hive contacted the company’s media relations department.
“I have a lot to clean up, for the past four days my hacker messaged thousands of people every hour and linked both accounts to hundreds of other scammers, blocking some of my dearest customers,” Sikma wrote in a message on Thursday.
A spokesperson for Meta, the company that owns Instagram and Facebook, told Daily Hive it has taken “advanced measures” to stop hackers from gaining access to users’ accounts, as well as opportunities for people to recover their accounts. .
“We know we can do more here, and we’re working hard in both areas to stop bad actors before they do harm, and to keep our community safe,” the spokesperson said.
The spokesperson declined to answer questions about specific additional measures to combat fraud, nor say how many accounts have been affected by scams like this one.
The Meta spokesperson encouraged users to use a strong password that is not used for other online accounts, to revoke access to third-party apps, and to set up two-factor authentication.