Like many on social media, Bianca Havenga uses her Instagram for the occasional selfie and to share personal updates with her close friends — so she didn’t suspect anything when one of her co-workers seemingly messaged her, asking for help.
The messages, which included personal details about the account owner, came with a request. The co-worker apparently needed help to win an online competition.
But though the messages were coming from her co-worker’s account, it was a complete stranger on the other end. By the end of the night, Havenga had been locked out of her own account — and she hasn’t been able to access it since.
Havenga said she fell victim to the online scam about two weeks ago. The person who had taken over her co-worker’s account referenced their children and other personal details about them, leading Havenga to believe she was actually chatting with someone she knew.
“They sent me a link, but they said not to click on it — specifically, not to click on it. I don’t know why,” said Havenga.
“He told me just to screenshot and send it back to him.”
That’s exactly what she did, Havenga said. She didn’t realize something was wrong until one of her friends alerted her to an odd post that had appeared on her Instagram feed.
“They said, ‘Did you just post this? It doesn’t look like something you would post.’ When I went to go into my Instagram, I couldn’t get into it whatsoever,” Havenga said, adding she quickly made a new account.
“So then I looked up my [old] Instagram, so I could see what he was doing. And then afterwards, he blocked me from my own Instagram.”
Havenga’s original account is now being used to send similar scam messages, asking her followers if she can help them win an online competition.
She added some of her friends have forwarded her the messages they’ve received from the account thief — even referencing personal details about Havenga to convince them it’s her.
“They know certain things about me. They know my friends, people I communicate with closely. They know I’m in nursing, because it’s on my Instagram and stuff like that,” she said, adding she receives messages from people every day asking if her old account has been hacked.
“Just yesterday, I had four people asking me about it.”
How does the hack work?
Unlike other online scams where a fake account asks users to click on a link, this scam that Havenga fell victim to uses real accounts to trick their victims.
Using a personal account, the scammer will message one of their followers asking if they can take a screenshot of a link and send the photo back to them.
The scammer will assure the victim they do not need to click on the link itself.
The link is officially from Instagram and is meant for users who have forgotten their password. The link is generated only after it’s been sent to the victim.
Once the link shows up, the scammer will ask for a screenshot so they can manually input it on their end, giving them the ability to change the victim’s password and lock them out of their own account.
The victim’s account is then used to send messages to their own followers — and the cycle repeats itself.
Some users have reported scammers giving back their accounts after a few days or weeks. Other users, such as Havenga, tell CTV News they were assured their account details would be given back to them — but the scammer has yet to do so.
Tips to stay safe online
According to a statement from Meta, parent company of Instagram, there are measures users can take to protect themselves from scammers, such as revoking third-party apps from accessing your account and enabling two-factor authentication.
“We have sophisticated measures in place to stop bad actors in their tracks before they gain access to accounts, as well as measures to help people recover their accounts,” said Meta’s company statement.
“We know we can do more here, and we’re working hard in both of these areas to stop bad actors before they cause harm, and to keep our community safe.”
The company added it works with law enforcement “to help find and prosecute the scammers who conduct these activities.” When asked by CTV News for more specifics, company officials said they “don’t have more to share on this.”
“Bad actors will use any means necessary to access an account and we continue working hard to stay ahead of emerging trends,” the statement added.
CTV News also reached out to Windsor-based rust protection company Krown which fell victim to a similar scam last month. Management say they were unsuccessful in their attempts to regain access to their original account and have since made a new one.