“I’m giving away $125,000! Join the project through the link in my profile!” — a well-known Russian blogger suddenly initiates a large cash giveaway on Instagram. A recognizable face, speaking in an enthusiastic voice and confident manner, appears in Stories. It all seems too good to be genuine…
That’s because it isn’t. There’s no actual project. The blogger didn’t create anything. Her account was merely hacked. The scammers went further than usual: not only did they gain access and post a bogus giveaway link, but they also compiled a new video from previous footage and overlaid a voice generated by artificial intelligence. Read the entire story to discover how Instagram accounts are hijacked by swapping SIM cards — and what steps you can take to safeguard yourself.
An almost flawless scam operation
With the emergence of AI tools, scammers have suddenly become “smarter.” In the past, after hacking a blogger, they would simply post phishing links and hope for a catch. Now they can run sophisticated PR campaigns from the compromised account. Here’s what the scammers executed this time:
- A short video. They wrote a script, voiced it with a deepfake replication of the blogger’s voice, and edited together visuals from her previously shared Reels.
- A text post. They published a photo accompanied by an emotional caption regarding the challenges of launching the project, attempting to imitate the blogger’s typical tone.
- Four Stories. They reused older Stories where the blogger talked about a real project, added a link to a phishing site, and reposted them.
- All of this gives the fake project a sense of credibility — since bloggers frequently utilize content like this in various formats to promote actual initiatives. The scammers held nothing back — even including fake testimonials from appreciative fans.
Let’s examine the video more closely. At first sight, it appears surprisingly high quality. It adheres to all the blog’s guidelines: the blog’s theme (home renovation), voiceover narration, and quick cuts. However, upon a closer look, the facade crumbles. Check the screenshot below: only one video features a watermark in the top-left corner — from the free version of the editing app CapCut. That’s the counterfeit. The other videos lack this watermark — because the genuine blogger either uses the premium version or edits using a different app.
There’s another detail: the subtitles. In all her authentic videos, the blogger employs plain white text without a background. In the fake video, the text is white against a black background. While bloggers occasionally switch their style, settings like font and color are typically preserved in their editing software and remain consistent.
What occurs if you click the link in the profile?
This is where it becomes intriguing. What kind of “project” were the scammers actually promoting, and what happens if you click the link?
If you’re utilizing a device without robust protection (which would alert you if you attempt to access a phishing site), you’ll arrive at a very basic page: an eye-catching image, some flashy text, and a Claim your prize button. Clicking such buttons usually leads to one of two scenarios: you’ll be prompted to pay a fee or asked to provide your information — supposedly to claim your winnings. In either case, you’ll be requested to share your banking details. Of course, there’s no prize — it’s pure phishing.
How did the attackers gain access to the blogger’s Instagram account?
It’s important to note: there’s no official explanation regarding how the account was compromised yet. This is a high-profile incident, and the blogger has reported it to the authorities. She currently believes she may have fallen victim to a SIM-swap attack. In brief, this means that the scammers persuaded her mobile provider to transfer her phone number to a new SIM card. There are two primary methods they could use:
Old method. Scammers forge a power of attorney and visit the mobile provider’s office in person to request a SIM replacement.
New method. The criminals access the victim’s online account provided by the mobile carrier and remotely issue an eSIM.
SIM swapping enabled scammers to circumvent two-factor authentication and convince Instagram support that they were the genuine account holders. Similar tactics can be employed with any service that sends verification codes via text — including online banking.
As for the blogger’s original SIM card, it instantly became a useless piece of plastic: no internet, no calls, no texts.
How to protect your account from being hacked
Here are the basic rules to prevent most types of account hacks — whether on messaging apps, social networks, forums, or other sites:
- Use advanced two-factor authentication with app-generated codes instead of texts (SMS). For Instagram, we recommend also adding a backup method: Settings and activity → Accounts Center → Password and security → Two-factor authentication → Add a backup method. Then, download a dedicated app to generate your login codes.
- Install reliable protection on all your devices. Pre-installed antivirus protection will block phishing links and protect you from various malware.
- Create strong, unique passwords. If you’re short on imagination, let Kaspersky Password Manager do it for you and keep them safe.
- Follow the golden rule: each service has its own unique password. That way, hackers won’t get access to everything at once.
- Ask your mobile operator if it’s possible to either completely prohibit servicing you remotely, or set up a special code you must state in every interaction — remote or in person. This can help protect you from SIM-swapping attacks.
Leave a Reply