
A novel phishing campaign is targeting Instagram users by mimicking official security emails but replacing malicious website links with “mailto:” links.
The fraudulent message warns of a suspicious login and offers options like “Report this user” or “Remove your email address”.
Clicking these links opens the victim’s email client with a pre-addressed message to domains designed to look legitimate—a tactic known as typo-squatting.
Unlike traditional phishing, the “mailto:” link method avoids automated filters that block malicious URLs, allowing attackers to receive victim responses directly in their inbox.
Once victims reply, attackers can request credentials or sensitive information in a conversational format, making the scam less obvious.
Many of the domains in this campaign share the same IP address, suggesting a coordinated setup.
While some email addresses are inactive, the method still confirms valid targets for future attacks.
This campaign follows earlier Instagram scams aimed at business accounts, but even personal accounts are at risk.
Compromised accounts can be locked and ransomed, causing victims to lose years of photos.
Prevention tips: Verify email addresses, avoid sending credentials via email, pause before acting on urgent messages, and research suspicious alerts online before responding.
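Because the lure carries no web URL, a mail filter or triage script has to inspect the "mailto:" targets themselves. The following is an added example, not code from the article or from Instagram: it extracts every "mailto:" address from an HTML body and flags those whose domain is outside an allowlist, marking typo-squatted lookalikes. The allowlist, the lookalike threshold of two edits, and the sample message are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, unquote
# Assumption: the allowlist of domains the real sender uses; maintain your own.
TRUSTED = {"instagram.com", "mail.instagram.com"}
BRAND = "instagram"
# Constructed sample body; the .example domains are placeholders, not campaign IoCs.
SAMPLE_HTML = """
<a href="mailto:report@instagrarn.example?subject=Report%20this%20user">Report this user</a>
<a href="mailto:remove@help-desk.example">Remove your email address</a>
<a href="mailto:security@mail.instagram.com">Contact us</a>
"""

class MailtoCollector(HTMLParser):
    """Collect (address, link text) for every <a href="mailto:..."> element."""
    def __init__(self):
        super().__init__()
        self.links, self._cur = [], None
    def handle_starttag(self, tag, attrs):
        href = (dict(attrs).get("href") or "").strip()
        if tag == "a" and href.lower().startswith("mailto:"):
            self._cur = [unquote(urlsplit(href).path), ""]
    def handle_data(self, data):
        if self._cur is not None:
            self._cur[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._cur is not None:
            self.links.append((self._cur[0], self._cur[1].strip()))
            self._cur = None

def edit_distance(a, b):  # Levenshtein distance, one row at a time
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def flag_mailto_links(html, trusted=TRUSTED, brand=BRAND):
    """Return one finding per mailto: target whose domain is not trusted."""
    parser = MailtoCollector()
    parser.feed(html)
    findings = []
    for addr, text in parser.links:
        domain = addr.rpartition("@")[2].strip().lower().rstrip(".")
        if domain and domain not in trusted:
            lookalike = any(brand in l or edit_distance(l, brand) <= 2 for l in domain.split("."))
            findings.append({"address": addr, "domain": domain, "text": text, "lookalike": lookalike})
    return findings
```

Any finding is worth a warning banner or quarantine, since a genuine security notice has no reason to route replies to an unrelated domain; the lookalike flag only raises the priority.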