Photo-sharing program and social network Instagram is becoming increasingly exploited by cybercriminals as the service's popularity grows. Trend Micro have warned about a new Facebook clickjacking scheme that relies on the app to lure users to malicious sites.
Here's how it works: a Facebook post advertises an app which allows you to see who has been viewing your profile. To attract your attention, the scammers tag you in photos posted on your friends’ timelines. Clicking on the link will take you to a fake Facebook page where you are told how to generate a verification code, represented by a URL, and paste it into a designated textbox. Then, you are asked to install the Instagram for Facebook app.
This allows the criminals to re-post the scam message on your behalf, along with an album called Instagram Photos. Depending on your location, you will be redirected to web ads or online deal sites that ask for email subscriptions.
The advice is: do not click on links contained in suspicious posts, even if they are published by your contacts.
Instagram – launched in October 2010 – enables users to take a photo, apply a digital filter to it, and then share it with other Instagram users they are connected to on the social network as well as on a variety of social networking services. The service has over 100 million registered users worldwide.