top of page

Cyber criminals have been #phishing for bait on social media accounts in the South East

Updated: Apr 17, 2023

Quite often small businesses depend on their social media accounts to survive. Some have huge engagement and losing access would be very harmful to their day-to-day trading.


In the South East earlier this year, a business received a message which at first glance seemed like an official message from Instagram. The message was positioned to scaremonger the user into thinking they had violated a copyright law, and in order to prevent the account being closed within 24 hours, they needed to follow the onscreen instructions.



The business owner clicked on the link, logged into their #Instagram account and within seconds were logged out of their account. Their passwords were changed, and they were no longer able to access their account. This is a real example of a #phishing attack where the business owner lost access to a system they heavily rely on.


The business then received a #whatsapp message from the #hacker with instructions of how to pay so they could regain control of their account or face its deletion within 24 hours. The company had built its online presence over the last 8 years, so quite rightly were worried at the potential loss of valuable content and customer contacts.


#Phishing emails can come in all forms and often are designed to look like a service that you use or need. Here are 3 things you can do if you suspect you’ve been a victim of a #phishing attack.

  • #Take5 and check the sender’s details.

  • Always make contact with trusted details found through a reputable search engine, and avoid clicking on anything sent to you.

  • To prevent social media account takeovers, consider turning on 2-step verification #2SV, so any new device trying to log in or make account changes needs a second layer of security before access is given.

Sign up for our free core membership today and receive a useful welcome pack providing you with access to national guidance on #cybersecurity, free resources & toolkits, AND a tabletop exercise to really test your business’ resilience plans against a cyber-attack just like this one.

Comments


NPCC
TVP Logo
Hampshire Police Logo
SEROCU logo
Surrey Police Logo
Sussex Police Logo
Cyber Essentials Logo
Cyber Essentials Plus Logo

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of the South East Cyber Resilience Centre is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect the most recent legislation, practice, or application to your circumstances. The South East Cyber Resilience Centre provides affordable services and Cyber Essential Partners if you need specific support. For specific questions please contact us at enquiries@secrc.police.uk.  The South East Cyber Resilience Centre does not accept any responsibility for any loss that may arise from reliance on information or materials published on this website.  It is not responsible for the content of external internet sites that link to this site or which are linked from it.

© 2022 - 2025 The South East Cyber Resilience Centre

Registered in England & Wales, No. 13263448 

TM

  • Facebook for South East Cyber Resilience Centre
  • LinkedIn for South East Cyber Resilience Centre
  • X for the South East Cyber Resilience Centre
  • Youtube for South East Cyber Resilience Centre
  • Instagram for South East Cyber Resilience Centre
  • RSS feed for South East Cyber Resilience Centre
  • Threads
bottom of page