"New Phishing Campaign Steals Instagram Backup Codes"

Trustwave researchers have detailed a new phishing method that aims to bypass Instagram accounts' two-step verification. A misleading email message and login page lead users to reveal their credentials and a temporary six-digit backup code. The phishing method involves sending an email purporting to be from Instagram's parent company, Meta. It informs users that their account may have violated copyrights. To prevent losing their account, the user is prompted to log in within 12 hours using a specific link. The link sends unsuspecting victims to a legitimate-looking scam version of a Meta website. This article continues to discuss findings regarding the new phishing technique.

Techzine reports "New Phishing Campaign Steals Instagram Backup Codes"

Submitted by grigby1