PSA: Beware of this highly believable Instagram scam

Jul 1, 2021

Dunja Djudjic

Dunja Djudjic is a multi-talented artist based in Novi Sad, Serbia. With 15 years of experience as a photographer, she specializes in capturing the beauty of nature, travel, and fine art. In addition to her photography, Dunja also expresses her creativity through writing, embroidery, and jewelry making.

PSA: Beware of this highly believable Instagram scam

Jul 1, 2021

Dunja Djudjic

Dunja Djudjic is a multi-talented artist based in Novi Sad, Serbia. With 15 years of experience as a photographer, she specializes in capturing the beauty of nature, travel, and fine art. In addition to her photography, Dunja also expresses her creativity through writing, embroidery, and jewelry making.

Join the Discussion

Share on:

While checking my emails this morning, I saw an email from Instagram telling me they’re sorry to hear I was having trouble logging in. The address from which the email was sent seemed legit, and so did the body of the message. But the thing is – I didn’t have trouble logging in. So, instead of clicking on the link provided, I did a little research. It turns out that there has been a highly believable phishing scam going around. With this article, I want to help you recognize it and not fall for it.

The address and the email body: seems legit

The email came from security@mail.instagram.com, which seemed completely legit. However, I got it on my Yahoo mail, which is connected with my personal Instagram account. I never had trouble logging in there, which was what made me suspicious.

The first thing I did was opening Gmail. I found messages Instagram sent there because I recently forgot the password for my other account (the one for embroidery). I checked the email address – and just as I thought, security@mail.instagram.com was legit indeed.

The email I got on Yahoo mail (still to be checked)
The email I got on Gmail (confirmed to be legit)

But still…

After realizing that the email was indeed from Instagram, something still felt weird. So, I went on digging. I discovered that there actually has been a scam connected with this email address even though it belongs to Instagram. I found a post on Reddit from two years ago where someone got the email from the same address. Only their read that someone had tried logging into their account and “Instagram” wanted them to secure it.

Then I found iOSborn’s video from last year. He received a few similar emails telling him that someone tried logging in to his Instagram account. The email address was, once again, security@mail.instagram.com. However, the emails were phishing attempts, and he shares a method for checking it.

How can you tell if the email is legit or not?

Well, on the first look – you can’t. That’s the main problem. However, you can invest a little bit of extra effort and find out whether it was really Instagram that sent you the email.

Open your Instagram account and click on the three lines in the upper right corner. Go to Settings > Security > Emails from Instagram. You’ll get a list of emails Instagram sent you over the last two weeks. In Osborn’s case, none of the emails he received were legit even though the email address was!

YouTube video

A plot twist

After all my suspicion and searching the internet, it turned out that the email I received was actually sent from Instagram. I’m pretty confused, though, because I’ve been logged into my personal account for ages. In fact, that’s the only one I actually know the password for. Maybe someone else was trying to log in to my account, I have no other explanation.

Final word

Thanks to my skepticism (or should I say paranoia), I learned two things: one, there has been a very believable phishing scam going around; and two, there is still a way to check whether it’s a scam or a legit mail from Instagram. Even though the email I got was legit, it could have easily been a scam, as it was in Osborn’s case. So, when in doubt, make sure to always check the sender’s email address and carefully examine the body of the email. And even if everything looks okay, still check Emails from Instagram within the app to make sure everything is legit.

Filed Under:

Tagged With:

Find this interesting? Share it with your friends!

Dunja Djudjic

Dunja Djudjic

Dunja Djudjic is a multi-talented artist based in Novi Sad, Serbia. With 15 years of experience as a photographer, she specializes in capturing the beauty of nature, travel, and fine art. In addition to her photography, Dunja also expresses her creativity through writing, embroidery, and jewelry making.

Join the Discussion

DIYP Comment Policy
Be nice, be on-topic, no personal information or flames.

Leave a Reply

Your email address will not be published. Required fields are marked *

14 responses to “PSA: Beware of this highly believable Instagram scam”

  1. Sophie Avatar
    Sophie

    The same thing just happened to me, seems like someone is trying to enter your account!

  2. coinchantal Avatar
    coinchantal

    I got this email a few times. Didnt believe it either and just logged going direct to instagram.

  3. Parafly Avatar
    Parafly

    I’ve got this also recently. Basically this is someone trying to get into your account. I just added 2fa and changed my password.

  4. EJ215 Avatar
    EJ215

    Thanks for the walk through! I just got this email as well and I went through all the thoughts you had until I came to this article. I had no idea there was a way to see what emails IG sends you. That really helps to know what’s phishing and what’s legit. I guess someone really wanted to hack my account lol I updated my PW and added 2 factor auth.

  5. Kimberly Funk Avatar
    Kimberly Funk

    Yep – multiple times in the last month! Thanks for the tip on how to verify inside the app!

  6. Chukwudi Udegbunam Avatar
    Chukwudi Udegbunam

    Just got this email now and it left me confused. I checked and it was truly sent by Instagram. I didn’t get any alert about someone logging into my account though.

  7. Lydia Koranda Avatar
    Lydia Koranda

    Crazy…I just checked my instagram because I’ve been getting a lot of these emails too (5 within the last couple weeks) and qpparently they’re all legit. So someone IS trying to get into my account. ?

  8. Rachel Avatar
    Rachel

    So you can hold down on the link and let the info pop up and it will tell you if it’s a valid IG link or not.

  9. TvdM Avatar
    TvdM

    It’s possible the e-mail address is spoofed and not actually coming from IG.

    1. Kaouthia Avatar
      Kaouthia

      Of course it’s spoofed. It’s not coming from IG. I highly doubt Instagram would be scamming its own users in this way.

      1. TvdM Avatar
        TvdM

        Most people in this discussion (and the original post) seem to be unaware of this possibility and suggest someone was actually trying to get into the account

  10. Jack Avatar
    Jack

    This happened to me too, when I switched from a random username to a combination of my name and surname. My opinion is that there are bots out of there which are randomly trying to crack accounts guessing the passwords. This could explain why I got these emails even at night.

  11. Andressa Andrade Avatar
    Andressa Andrade

    I just got that e-mail and was genuinely confused. Thank you for clarifying how we can double check the legitimacy of these e-mails. Apparently, the one I got was legit too. Guess I’ll change my password cause it seems like someone else is trying to enter my account. I don’t even have a big number of followers! Why bother??

  12. Blappy Mason Avatar
    Blappy Mason

    I just got this email and I’m already using 2FA. Does that mean there is nothing else I need to do? Seems like somebody/BOT is trying to access my account but cant due to 2FA.