Hackers are accessing and taking over Instagram accounts in order to promote adult dating sites.
The latest report from Symantec comes after the security experts spotted an influx of fake Instagram accounts luring users to adult sites earlier this year.
In the new trend, ordinary Instagram accounts are hacked, the username, profile and bio are changed, and a URL is added.
The owner of the Instagram profile often learns their account has been hacked when the attacker changes the password and an error message appears when they try to log in.
The security experts suspect weak passwords are the reason for these breached accounts, especially because 600m hacked passwords have appeared in 2016.
In addition to changing the bio and username, the hackers add sexually suggestive images to the feed and the profile picture, while keeping all the images uploaded by the original account owner.
More recently, Symantec has noticed that some hacked accounts don’t feature any new photos, and the username stays the same.
The new bio tells the user to visit the profile link, which is either a shortened URL or a direct link to an intermediary site controlled by the scammer.
Symantec’s Satnam Narang said: “This site contains a survey suggesting that a woman has nude photos to share and that the user will be directed to a site that offers ‘quick sex’ rather than dating.
“Interestingly, this page only appears on mobile browsers. If the user tries to visit the URLs on a desktop computer or laptop, they are sent to a random Facebook user’s profile.”
After this survey, users are sent to an adult dating site, which contains an affiliate identification number, and for every new user that signs up, the affiliate earns money.
Symantec said these accounts can often stay hacked for a few months, possibly because the original owners decide to create new accounts.
In terms of advice to stop your account getting hacked, Symantec suggests using Instagram’s two-factor authentication.
The security experts said the Instagram hack bears similarities to a case on Twitter where hacked accounts were also used to promote adult dating sites.
Earlier this year, Symantec spotted a new wave of Tinder scams in which fraudsters tricked singles into getting their dating profile “verified”, then hit them with secret charges after moving them off the dating platform.