Norton, the cybersecurity brand of Gen™, warns of a new and sophisticated scam that's working alarmingly well and has been circulating via Instagram direct messages. Cybercriminals are targeting influencers, small businesses, and content creators, who can have their accounts hijacked after interacting with fake profiles posing as "Meta" technical support.
According to Iskander Sanchez-Rola, Director of AI and Innovation at Norton, this type of scam poses a significant risk to those who rely on Instagram as their primary channel for increasing visibility, generating revenue, and staying connected with their audience.
“We are dealing with a very well-designed scheme that accurately simulates the communication of the ‘Meta Ads Help Center’ (Meta's Advertising Support Center). By posing as Meta representatives, scammers exploit the emotional vulnerability of those fearing the loss of their profile to induce urgent and thoughtless actions. The impact can be devastating for those who rely on Instagram as a strategic business channel,” says Iskander.
How the scam works
The scam begins with a direct message to the victim that appears legitimate and claims to come from the “Meta Ads Help Center” (“Meta’s Advertising Support Center”). The message claims that the account violated Meta policies and will be deactivated soon. It is often accompanied by external links and an alarmist tone, designed to generate fear and urgency.
Clicking the link takes you to a page that mimics the "Meta Ads Help Center." Victims are asked to "Request Review," which involves entering their Instagram username, password, and, in many cases, even their two-factor authentication code.
With these credentials in hand, the scammer can quickly take control of the account, block the owner, and exploit the stolen profile's audience. To achieve this, the cybercriminal can adopt a variety of strategies: from defrauding the profile's followers, for example by promoting fake investments or phishing links, to demanding a ransom to return the profile to its owner. There are also cases where accounts are sold on underground markets on the deep web.
Some signs can help users identify these scam attempts. Messages sent by accounts without a verification badge and with few followers are one such sign. Urgent, threatening language about account deletion or policy violations, with grammatical errors and poor writing, should also raise red flags, as should any request to click on external links promising account "verification."
Iskander Sanchez-Rola recommends some best practices to protect yourself against this type of scam:
- Never click directly on links in messages from unknown accounts. Meta and Instagram will never ask you to verify your account via private message.
- Check the sender's profile. Official Meta accounts are verified and will not have names like advertisingsupportcenter0798.
- Use two-factor authentication on your accounts to prevent unauthorized access.
- Report the account to Instagram if you receive one of these messages.
- Consider using a security solution designed for small businesses if you manage social media accounts as a team or use shared devices. Tools like Norton Small Business offer social media monitoring to help prevent account takeovers by administrators.
- Educate your team. If you manage your account with other people, make sure everyone knows how these scams work.
With the growth of digital businesses and the influence of social media on brand building, scams like this are becoming increasingly dangerous. Awareness and the use of appropriate tools are fundamental steps to protecting digital identities and avoiding financial and reputational damage in the online world. "Norton continues to closely monitor the evolution of these threats and reinforces its commitment to the digital security of small businesses and content creators," concludes Sanchez-Rola.