Kevin Kreider, a Los Angeles-based Instagrammer who’s known for his following around fitness-related topics, told Motherboard that extortionists first targeted him when someone named Lana reached out with a fake business opportunity. Posing as a press relations staffer from fashion company French Connection, Lana offered a sponsorship deal and sent over a link shortened with Bit.ly to the company’s own Instagram account. After being clicked by Kreider, the link redirected him to a fake login page designed to steal his Instagram credentials.
“I was at the gym going through my emails and thought it was an opportunity with a brand I respected and thought I could put on my Instagram, and when I saw that my Instagram [@kevin.kreider] disappeared from my app, my heart dropped to my stomach,” Kreider said to Motherboard.
Shortly thereafter, those responsible for hijacking Kredier’s account contacted him and demanded a ransom payment. The Instagram influencer ultimately paid $110. Even so, the criminals deleted his account, as it became unsearchable. He said he eventually retrieved his account, though it’s not clear how at the time of this writing.
Kreider is just one influencer on Instagram whom criminals have recently targeted with account takeover and extortion attacks. As reported by Motherboard, something similar happened to Lindsey Simon. She used the services of a computer-savvy friend to delay the ransom payment process and eventually recover her password. And then there’s Anna Wood, an influencer with over 50,000 followers who regained access to her hijacked Instagram account only after her followers posted her story on the platform.
Cassie Gallegos, a lifestyle-based Instagram influencer, wrote about how she reacted to a success account takeover attack in a blog post:
I had an emotional breakdown. I had worked so hard to become an influencer, to make the life I wanted to be living, I had partnerships with Hotels.com, PierHouse Key West , Dick’s Sporting Goods, Living Proof lined up to name a few. GONE. ALL OF MY WORK WAS GONE.
Gallegos paid a ransom, but as in Kredier’s case, the criminals deleted her account.
In August, the social media platform published a blog post with tips on how users can protect access to their accounts. It recommended that users employ a strong password and implement two-factor authentication, among other best security practices.