3 min read

Instagram Security Check hopes to make life harder for account hackers

Graham CLULEY

July 16, 2021

Instagram Security Check hopes to make life harder for account hackers

Instagram has rolled out a new feature in the hope of better securing its one billion monthly active users' accounts.

As described on Instagram's blog, Security Checkup will pop-up on users' smartphones whenever the social network detects suspicious activity associated with an account, or believes it may have been compromised.

For instance, Instagram may prompt you to run a check if it detects your email address has changed recently, or mobile phone number has changed, or to confirm if a Facebook profile connected to your Instagram account is legitimate.

Such checks are important, because if your Instagram account has been hacked an attacker might have attempted to change your contact details, in an attempt to prevent you from recovering access.

Security Checkup should have been rolled out to all Instagram users in the next few weeks.

In addition to announcing the new feature, Facebook-owned Instagram has also taken the opportunity to reiterate the various security measures that can be taken to harden the security of accounts.

First on the list is enabling two-factor authentication (2FA), which adds an additional layer of security beyond usernames and passwords.

According to Instagram, it will soon be supporting two-factor authentication through WhatsApp in some countries.  But if this does not appeal, you can still setup 2FA with an authentication app like Google Authenticator.

Secondly, Instagram advises its users to ensure that the email addresses and phone numbers associated with their accounts are correct and up to date - explaining that these steps help you regain control of your Instagram account even if your details have been changed by an attacker.

In addition, Instagram has underlined to users that it will never send you a direct message (DM).  Scammer often will use this technique to dupe unwary users into handing over their account passwords or luring them into visiting phishing sites.

As Instagram explains:

"If Instagram ever wants to reach you about your account, we will do so via the ‘Emails from Instagram’ tab in your settings, which is the only place you will find direct and authentic communication from us on the app".

Finally, Instagram recommends that users enable "Login Request" - a feature which sends an alert when somebody tries to log into your account from a device or web browser that Instagram has never seen you use before.  Alert messages contain details of the device attempting to log into the account, and even where it is believed to be located - granting you the permission to approve or deny the request.

Instagram provides this functionality because it knows that there is a large appetite amongst scammers and hackers to steal innocent users' accounts.  Instagram also knows that it has many users who have still not enabled features which are really essential for hardening account security - such as 2FA.

If you're an Instagram user you can choose to ignore the advice of the site, and not bother to enable these features.  But in my opinion you do so at your peril.  Protect your account now, and make life harder for the hackers.

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

FBI Warns that Tokyo 2020 Summer Olympics Is Prime Target for Cyberattacks FBI Warns that Tokyo 2020 Summer Olympics Is Prime Target for Cyberattacks
Silviu STAHIE

July 27, 2021

1 min read
Patch your iPhones and Macs against "actively exploited" zero-day right now Patch your iPhones and Macs against "actively exploited" zero-day right now
Graham CLULEY

July 27, 2021

2 min read
Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Graham CLULEY

July 23, 2021

3 min read