Instagram did nothing because hackers stole my followers.
Tuesday morning, I woke up to unusually early calls from my home country, Russia. It was 5 a.m. in Phoenix, where I currently live, when my sister contacted me to tell me that my Instagram account had been hacked. I had received tons of messages on WhatsApp, Telegram, and Facebook and missed calls from people I haven’t spoken to in years. They all mentioned the recent Instagram post and asked, “Is this true?” Is what true? I couldn’t log into my account, of course. During this time, notifications from different messengers kept coming in, increasing the level of my anxiety.
I logged into an old account and finally got to see what had happened. Hackers had published an article saying that my mother was in a car accident and needed 200,000 rubles (about $2,500) for surgery. They also included information for people to send money to their bank account. But the worst was in the stories. There was a video of the intensive care unit with a crying female voice in the background. There was no one in the video and it was impossible to identify the hospital, but many of my supporters thought it was me sobbing, and at least two of them sent money to the scammers.
Additionally, the hackers responded on my behalf in direct messages. My friend Ekaterina, who transferred $30 to the crooks, received a response: “I’m sorry for pushing, but can you lend me another $40 until tomorrow?” At that point, she said, she realized it was a scam. Additionally, Ekaterina told me that another friend was hacked on Instagram the same day and scammers tied the same bank account to collect money. The bank was unable to return the money to Ekaterina and redirected her to the police.
My other friend, Arseniy, wrote to “me” in direct messages to say he would transfer money. But before he did, his account was also hacked. I can’t say for sure if they were the same criminals, but they hurt Arseniy more than me. In addition to asking for money for his mother’s imaginary surgery, they posted pictures of his actual documents, including his passport. It took Arseniy two hours to regain access to his Instagram account and finally remove the harmful content. At one point, the direct messages between his account and mine seemed surreal. He sent me a screenshot where “his” hacker asks “my” hacker for help.
At least Arseniy managed to get his account back, which I can’t say for myself. Two days have passed since my account was taken over, and so far my best efforts to get the messages deleted have not yielded any results. Hackers linked my account to a different email address and unlinked it from my phone number. So every time Instagram sends me an email with the link to come back to my account, it automatically goes to the email that I’ve never seen before. On the second day of difficulties, I contacted the customer support of my email service provider (it was a Russian Mail.ru service), and the employee recommended that I check the spam filters. I was surprised when I found two emails there: [email protected] and [email protected]. This meant that the hackers also had access to the email linked to my Instagram account. (Or more likely, they got into my email first, then into my Instagram, but at least they didn’t change my email password. Thanks?) Anyway, they changed the settings so that all letters from those emails are deleted immediately. I also found out that crooks logged into my account from IP addresses linked to Moscow and Kiev.
After the spam filters were removed, I received the password reset code. But unfortunately, it was too early to celebrate the victory. When I entered this code, Instagram asked me to enter another one: from an authenticator app. When you set up two-factor authentication on Instagram, you receive a notification or are prompted to enter a unique code each time you try to sign in to the account from a new device. According to Instagram’s website, the user chooses between two methods: “Sign in from a third-party authenticator app (such as Duo Mobile or Google Authenticator) or text message codes from the mobile phone.” I hadn’t enabled two-factor authentication (which was a mistake, as I now realize), and I guess the security-conscious hackers set it up for me. So, I guess every time I try to log in, someone in Kiev or Moscow receives a code, which prevents me from regaining access.
There was only one way I could get my account back: ask for help. I received a letter from Facebook (which owns Instagram) with a code and instructions, reminding me of a ransom movie. I was asked to attach a photo of myself holding a handwritten copy of this code. I did, but as of early afternoon Eastern time I still had no response from Facebook support or its press service, who promised to look into the situation.
Although many of my subscribers reported the fraudulent post, it is still visible and I am still getting questions from people who are concerned. The good thing is that there are a lot of people out there who are willing to help me. The bad thing is that they’ve been exploited, Instagram apparently doesn’t do enough to protect users from scammers, and I’m not sure if I’ll be able to account for it. I’ve learned at least one lesson though: set two-factor authentication before hackers do it for you. This will be the first thing I do when I report back.
Future Tense is a partnership between Slate, New America, and Arizona State University that examines emerging technologies, public policy, and society.