clock menu more-arrow no yes

Filed under:

Instagram introduces new tool to help prevent phishing attacks

Sorting the genuine from the fake emails

Photo by Amelia Holowaty Krales / The Verge

Instagram has added a new feature to its app to help users work out if an email was sent by the Facebook company or if it’s an attempted phishing scam. Now, if you receive an email claiming to be from Instagram, you can check if it’s genuine by heading over to the “Emails from Instagram” option in the app’s Security settings, which lists every email the service has sent you over the last 14 days. The update is rolling out now and may take time to appear in your settings.

The new menu divides your Instagram emails into two categories; security emails and “other.” If you see an email in there then you can be sure it’s legitimate, and you can safely click any links it contains. If it’s not, then it could be a phishing scam, whereby someone impersonates a service to trick you into giving them your username and password. In this case, you should probably delete the offending email. If the worst happens and your account gets compromised, then Instagram says you should follow the instructions listed on its help page.

It’s a welcome addition to the Instagram app, especially as phishing scams become more sophisticated. Some phishing scams can even break into accounts that use two-factor authentication using a fake site that asks for your six-digit code and immediately enters that into the real site on behalf of the scammer. Reply All did a great episode on this a couple of years ago if you’re interested in learning more. It’s still a good idea to enable two-factor authentication where possible, just know that you’ll still have to exercise caution with your online accounts.