Instagram offering a clever, simple way to identify phishing scams

Instagram is rolling out a really neat way for users to identify phishing scams. If you receive an email claiming to be from the company, you can easily check in the app…

Author Ad Placeholder
Will only appear on redesign env.

TNW reports that the app will now show you a complete list of any genuine emails sent to you; if the email you have received isn’t shown here, it’s fake.

The feature — dubbed “Emails from Instagram” — is accessible via the app settings, and allows you to check all the legitimate emails Instagram has sent over the last 14 days.

The new feature can be found at Settings > Security > Emails From Instagram.

So, if you’ve received an email claiming to be from Instagram asking you to reset your password, you can simply fire up the app and check if it’s in the list of security-related emails.

Instagram likely developed the feature in response to a major phishing attack in late August, noted by Sophos.

Here’s another attack we received this week that was much more believable, this time going for Instagram accounts [and giving a 6-digit code in the email].

We dont like to admit it, but the crooks thought this one through.

Apart from a few punctuation errors and the missing space before the word ‘Please’, this message is clean, clear and low-key enough not to raise instant alarm bells.

The use of what looks like a 2FA code is a neat touch: the implication is that you aren’t going to need to use a password, but instead simply to confirm that the email reached you […]

The phishing page itself is a perfectly believable facsimile of the real thing, and comes complete with a valid HTTPS certificate.

This is an approach that could easily be used by other app developers to enable their users to identify phishing scams. Maybe even Apple could build it into a future version of iOS, given the number of phishing attacks targeting Apple IDs?

Instagram has been busy over the last few days, removing the Following tab from the activity feed and adding support for Dark Mode in iOS 13.

FTC: We use income earning auto affiliate links. More.

Apple iPhone 11 case deals on Amazon
You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Check out 9to5Mac on YouTube for more Apple news:



Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!

Ben Lovejoy's favorite gear