PSA: Beware of This Highly Believable Instagram Email Scam
Jul 1, 2021
Dunja Đuđić
Dunja Djudjic is a multi-talented artist based in Novi Sad, Serbia. With 15 years of experience as a photographer, she specializes in capturing the beauty of nature, travel, concerts, and fine art. In addition to her photography, Dunja also expresses her creativity through writing, embroidery, and jewelry making.
Share:
While checking my emails this morning, I saw an email from Instagram telling me they’re sorry to hear I was having trouble logging in. The address from which the email was sent seemed legit, and so did the body of the message. But the thing is – I didn’t have trouble logging in. So, instead of clicking on the link provided, I did a little research. It turns out that there has been a highly believable phishing scam going around. With this article, I want to help you recognize it and not fall for it.
The Address and the Email Body: Seems Legit
The email came from security@mail.instagram.com, which seemed completely legit. However, I got it on my Yahoo mail, which is connected with my personal Instagram account. I never had trouble logging in there, which was what made me suspicious.
The first thing I did was opening Gmail. I found messages Instagram sent there because I recently forgot the password for my other account (the one for embroidery). I checked the email address – and just as I thought, security@mail.instagram.com was legit indeed.
But Still…
After realizing that the email was indeed from Instagram, something still felt weird. So, I went on digging. I discovered that there actually has been a scam connected with this email address even though it belongs to Instagram. I found a post on Reddit from two years ago where someone got the email from the same address. Only their read that someone had tried logging into their account and “Instagram” wanted them to secure it.
Then I found iOSborn’s video from last year. He received a few similar emails telling him that someone tried logging in to his Instagram account. The email address was, once again, security@mail.instagram.com. However, the emails were phishing attempts, and he shares a method for checking it.
How Can You Tell if the Email from Instagram Is Legit or Not?
Well, on the first look – you can’t. That’s the main problem. However, you can invest a little bit of extra effort and find out whether it was really Instagram that sent you the email.
Open your Instagram account and click on the three lines in the upper right corner. Go to Settings > Security > Emails from Instagram. You’ll get a list of emails Instagram sent you over the last two weeks. In Osborn’s case, none of the emails he received were legit even though the email address was!
A Plot Twist
After all my suspicion and searching the internet, it turned out that the email I received was actually sent from Instagram. I’m pretty confused, though, because I’ve been logged into my personal account for ages. In fact, that’s the only one I actually know the password for. Maybe someone else was trying to log in to my account, I have no other explanation.
Final Word
Thanks to my skepticism (or should I say paranoia), I learned two things: one, there has been a very believable phishing scam going around; and two, there is still a way to check whether it’s a scam or a legit mail from Instagram. Even though the email I got was legit, it could have easily been a scam, as it was in Osborn’s case. So, when in doubt, make sure to always check the sender’s email address and carefully examine the body of the email. And even if everything looks okay, still check Emails from Instagram within the app to make sure everything is legit.
Dunja Đuđić
Dunja Djudjic is a multi-talented artist based in Novi Sad, Serbia. With 15 years of experience as a photographer, she specializes in capturing the beauty of nature, travel, concerts, and fine art. In addition to her photography, Dunja also expresses her creativity through writing, embroidery, and jewelry making.
Join the Discussion
DIYP Comment Policy
Be nice, be on-topic, no personal information or flames.
17 responses to “PSA: Beware of This Highly Believable Instagram Email Scam”
The same thing just happened to me, seems like someone is trying to enter your account!
I got this email a few times. Didnt believe it either and just logged going direct to instagram.
I’ve got this also recently. Basically this is someone trying to get into your account. I just added 2fa and changed my password.
Thanks for the walk through! I just got this email as well and I went through all the thoughts you had until I came to this article. I had no idea there was a way to see what emails IG sends you. That really helps to know what’s phishing and what’s legit. I guess someone really wanted to hack my account lol I updated my PW and added 2 factor auth.
Yep – multiple times in the last month! Thanks for the tip on how to verify inside the app!
Just got this email now and it left me confused. I checked and it was truly sent by Instagram. I didn’t get any alert about someone logging into my account though.
Crazy…I just checked my instagram because I’ve been getting a lot of these emails too (5 within the last couple weeks) and qpparently they’re all legit. So someone IS trying to get into my account. ?
So you can hold down on the link and let the info pop up and it will tell you if it’s a valid IG link or not.
It’s possible the e-mail address is spoofed and not actually coming from IG.
Of course it’s spoofed. It’s not coming from IG. I highly doubt Instagram would be scamming its own users in this way.
Most people in this discussion (and the original post) seem to be unaware of this possibility and suggest someone was actually trying to get into the account
This happened to me too, when I switched from a random username to a combination of my name and surname. My opinion is that there are bots out of there which are randomly trying to crack accounts guessing the passwords. This could explain why I got these emails even at night.
I just got that e-mail and was genuinely confused. Thank you for clarifying how we can double check the legitimacy of these e-mails. Apparently, the one I got was legit too. Guess I’ll change my password cause it seems like someone else is trying to enter my account. I don’t even have a big number of followers! Why bother??
I just got this email and I’m already using 2FA. Does that mean there is nothing else I need to do? Seems like somebody/BOT is trying to access my account but cant due to 2FA.
Be aware of this scam: I keep getting messages saying my Instagram account has been restricted and is at risk with limited access right now due to unapproved content. I’m tempted to click on the link, but even though it looks legit, I was suspicious, so I went to <security<account status<removed content and messaging issues (all the way on the bottom) – and it says “Your account is not affected right now. Under “what this means” it says, “you are not at risk of losing your account right now.
There are so many scams on text and instant messaging, you need to do your due diligence before clicking on any links these days. For example, I got a notification on texting that said I need to pay a fast track violation. I instantly knew this was a scam because I’ve had violations before (lol) and they send the ticket via USPS mail.
Hiring an experienced social media recovery expert like Anthony is essential when facing account problems. His proven track record, technical skill, and commitment to client confidentiality make him stand out. When your reputation is on the line, trust only a professional who can handle your situation with care. Don’t wait — contact Anthony today for a consultation and get your social media presence back on track. (anthonydaviestech @ gmail com)
Hi.
Hopefully next time, you will realize immediately that you not having an issue logging in is because Someone Else was trying to log into your account, hence the security heads-up email.