New cyber threat in Instagram password reset emails, users should be alert

New Delhi. In the very first month of the new year, a new cyber risk has emerged for social media users. Instagram users are suddenly receiving a large number of emails related to password reset. The surprising thing is that these emails are completely genuine and are being sent directly from Instagram. But these emails are being triggered by cybercriminals so that the user panics and clicks on the link and the account gets put in danger. According to the report, hackers are generating password reset requests by entering the user’s email or username. After this, Instagram’s automated system sends a reset email. The user feels that the account is being attacked and due to this panic, he may take wrong steps in haste.

The major reason for this cyber activity has been said to be the recent leak of data of 17.5 million Instagram accounts on BreachForums. According to the report, just hours after the data leak, a wave of password reset emails was seen across the world. Using the leaked data, requests are being triggered simultaneously on thousands of accounts. The subject of these emails is usually Reset your password. It is written in the message that if you have not made a request, then the email can be ignored or an unauthorized request can be reported. The email is technically correct but the danger arises from the nervousness of the user.

Expert’s warning

Cyber ​​security expert Davey Winder associated with Forbes has called it a low effort high impact attack. He says that hackers only have to trigger the request and the rest is done by the user who panics. He has advised that on receiving such emails, stop immediately and do not click on any link without checking.

2FA becomes the strongest security shield

According to cyber experts, Two Factor Authentication i.e. 2FA is the most important security step. Instagram has made 2FA the default setting for creator accounts. If an unknown device tries to login to the account, the security code is required. This makes it very difficult for hackers to access the account.

Even if a user’s account gets hacked, Instagram provides a recovery process. The option to get your account back is given through email verification and identity confirmation.

Why are I getting unexpected emails?

Many users are receiving password reset emails without any effort. Two reasons have been given for this. First, someone may have entered the wrong email by mistake and made the request. The second and more serious reason is a coordinated cyber attack in which a large number of requests are being sent simultaneously with the leaked data.

Important advice for users

Cyber ​​experts’ clear advice is that if you have not requested a password reset yourself, then ignore such emails. Read the email carefully before clicking on any link. Keep 2FA on and keep checking account activity from time to time. Overall, this incident shows that in today’s digital era, the threat does not always come from fake emails but sometimes from misuse of the real system. In such a situation, vigilance is the greatest security.