Malicious actors operated a brand impersonation phishing campaign on 22,000 students and managed to bypass the Microsoft email security system. The hackers were aiming to obtain the victim`s Instagram credentials in order to gain full access to their accounts.

Unsettling enough, the message was not recognized as a potential threat by native email security controls that Microsoft provides.

The email attack used language as the main attack vector and bypassed native Microsoft email security controls. It passed both SPF and DMARC email authentication checks.


Almost Perfect Spoofing of Instagram Did the Trick

The Instagram message the cybercriminal prepared is a perfect example of email spoofing. It got the right logo, the text appeared written in the right font, and it was really a challenge for both human and machine to realize that something was… phishing.

The message urged the victim to act rapidly and avoid a supposable unpleasant situation. It looked just like a normal email that you usually get from Instagram support, but after the user clicked a certain link inside the message, a fake landing page, that also looked as if it belonged to the social media platform, was opened.


The next step the threat actors were hoping the user will do was hit the ”This wasn`t me button”. From there on, the victim would have been directed to another fake landing page that had a request for personal data to be filled in.

Effective Security Measures That Protect You from Brand Impersonation Scams

An important thing that may keep you safe from this kind of social engineering campaign is checking if the message really came from the domain you thought it came from. But to be sure you`re not going to be the next victim of a phishing attack, take Sami Elhini`s advice, a biometrics specialist who claims that

an email from should be viewed as suspicious as Instagram’s domain is Where a service provides support, it may be advisable to contact support directly if you are unsure what action to take.


In an increasingly digitalized world, as threat actors become more and more creative in developing new tools to steal data, cybersecurity education is vital for understanding and being able to recognize a risk factor.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.

New Shopping Phishing Scam Uses URI Fragmentation to Target U.S. and Canadian Users

Malicious For-Profit Group Impersonates Brands to Scam Users

Why Do Organizations Need an Email Security Policy?

What Is Social Engineering?

What Is Email Spoofing and How to Stay Protected

What Is DMARC and Why Is Important for Email Security

What Is Email Security?

Leave a Reply

Your email address will not be published. Required fields are marked *