April 23, 2019

Have you been receiving strange messages on Instagram from your followers about you being on something called the “Nasty List”? If so, the message is a massive phishing campaign being spread through hacked Instagram accounts. According to the report on Bleeping Computer, clicking on TheNastyList profile link takes you to a page containing a second link, which then leads you to a cloned Instagram login page asking for your Instagram username and password. Anyone who falls victim to this scam and provides their credentials will soon find out that all of their followers are sent the same phishing message telling them they are too on the Nasty List. 

Phishing attacks are the most common and effective social engineering attacks. These days social media is all about rapid clicking. It’s easy to say don’t fall for it, but what if people do? 
Hopefully you have been following our tips on how to spot phishing and you would spot the fake login page by noticing that the domain nastylist-instatop50[.]me is not a genuine Instagram domain. However, if you did fast click on the first link and you stopped short of providing your Instagram credentials on that page, you are safe. 

• Change your Instagram account password. If you have used the same password on any other online accounts, change those as well. 
• Enable 2FA (https://help.instagram.com/566810106808145)
• Check for any unauthorized changes made in your profile, including your email address and phone number associated with the account

Written by: Hanna Guan (Cyber Security Analyst, Information Security)