Endpoint Protection

Influx of fake Instagram profiles luring users to adult dating sites 

01-07-2016 07:51 AM

fake-instagram-profiles-header.jpg

In recent months, Symantec Security Response has observed a steady influx of fake profiles on the social photo-sharing service Instagram. These fake profiles, which use photographs stolen from legitimate profiles, feature three variations to follow users and like photos. Through these interactions, they lure users to their profiles in order to earn a commission through affiliate links to adult dating websites.

Influx of fake profiles
Sometime in November 2015, users posting photos to Instagram began noticing likes and follows from unknown users.

Fig1_31.png
Figure 1. Fake profiles on Instagram follow users and like photos

Three profile variations
Among these profiles, we have observed at least three variations.

Profiles in the first variation have a stolen avatar photograph, but no actual photos on their profile page. Their bio may or may not contain some information, but they will have a link leading to an adult dating website.

Fig2_21.png
Figure 2. Profile variation number one contains no photos, just a link in the profile bio

Profiles in the second variation contain a stolen avatar and corresponding stolen photographs. They contain some suggestive text in the bio (“Are you a sex giant? I wait you here!” “If you’re down to meet and hook up with singles near you, check out the link below”), along with a link leading to an adult dating site.

Fig3_15.png
Figure 3. Profile variation number two features stolen photographs

In the third variation, the profiles serve as an intermediary. They contain a single photograph split into tiles to form the full photograph. They overlay a button with the caption “18+” that is strategically placed on various body parts. Clicking on any of the images in the tile will reveal a note instructing the visitor to go to the “official profile” which is linked. This final profile contains a random assortment of images of women in bikinis and lingerie. The bio claims that the visitor could have an erotic meeting if they visit the link in the profile.

Fig4_12.png
Figure 4. Profile variation number three directs users to another profile

Adult dating landing pages
In each of the profile variations, the links lead users to a landing page for an adult dating website. The links themselves may direct the user to the website and include an affiliate ID, or they will direct the user to a page that serves as an intermediary to the actual adult dating websites.

Fig5_4.png
Figure 5. Adult dating website landing pages

Affiliate programs are the driving force behind adult dating and webcam spam on various dating and social networking applications. Unlike previous examples that we have identified, the fake profiles on Instagram are not bots; they won’t converse with users through the Instagram Direct feature.

Stolen photographs
Based on a few of the fake profiles, we believe that most of the photographs used were taken from real profiles of popular Instagram users. For instance, one of the fake profiles stole photographs from Julia Pushman, a model and YouTube vlogger.

Fig6_1.png
Figure 6. Original photo (left) stolen and used on a fake profile (right)

Report fake profiles to Instagram
With over 400 million monthly active users, Instagram is one of the most popular mobile applications. It comes as no surprise that the service has also become popular with scammers. Instagram users should be skeptical of unsolicited likes or follows from fake profiles. If you believe you have encountered a fake profile, you should report it to Instagram as spam.

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.