I just received 1,277 of emails from 'Instagram" BEWARE!


#1

#WARNING
There seems to be a high scale email scam going on so be careful.

I just received this email on 1,277 different emails assigned to my accounts.

This is NOT Instagram, so do not take the survey or reply to this email.


#2

Just curious, were those accounts business accounts? And if not, how did they get your email address?


#3

If you got those e-mails, you published your e-mail addresses somewhere, right?


#4

They were NOT business accounts. I am not sure how they managed to get my email addresses.

It was a mixture of accounts from different providers, ones I have created, and ones I have used my own email domains on. Its quite a wide mix, which makes me think there is a way to get email addresses from non-business accounts.


#5

Let’s see if more people got those emails.

If there is a way to get the mails from IG accounts, it’s quite a big exploit. You would be able to get millions of more or less targeted emails, that’s a lot of money.


#6

it looks like there’s a ton of scams coming from that domain - via different sub domains

https://www.facebook.com/business/help/community/question/?id=10208552244423702


#7

Funny, I just got an email from this guy who goes by Brenden Barnur, he said he was offering Instagram services and all I had to do was PayPal him 1000 rupees by midnight or all of my accounts would be deleted.

On a serious note, that’s not cool. I’ll keep my eyes peeled for spam emails, but I’m more curious as to how they got so many of your account addresses…


#8

Sounds good. Yea I would love to know this exploit for my own…“ethical” reasons :smiley:

Thanks for taking a look into the domain @lll looks like they have been at it for a while.


#9

Dont trust that scammer. The dead giveaway was the $1000 rupees. If the real Brandon Berner would do this, it would be more like $1000 USD/account on a recurring basis :smiley:

Awesome! Yea, I was shocked to see I received so many emails. Normally you just get it on 1 account or so. This was not the case, and now I am jealous as to how the found 1277 of my emails.


#10

Hahahaha!

And yeah, imagine if getting emails was that easy, so many list building ideas come to mind…


#11

Sorry…just had to… :bow:


#12

At least you didn’t post any banana hammocks… :joy:


#13

https://www.qualtrics.com/ seems like a legit survey site.

I just went to the url from your email and did the survey and it only asked for user experience related things. I did expect like login informations or some kind of advertising, but nothing.

I wonder why they did that and when they aren’t Instagram. It seems pretty useless info to me if you don’t work at Instagram.


#14

My two cents on this though…

I would also compare this number to the total number of emails that you manage. If they managed to cover most of your emails then I would be seriously concerned about a breech on your end somewhere.

If, however, the number is a in the 30-40% or similar range, then there’s room for the possibility that these emails were obtained from another source.


#15

I prefer not to disclose the total amount of email accounts I have assigned to social media, however I can tell you that I only received emails on a small percentage.

From what I can see, it does not look like there was a breech on my end, although I am still looking into it.

Time will also tell. If I receive more emails from the majority of my other accounts (and other members here dont), then there is clearly a breach on my end.


#16

I actually didn’t want you to disclose anything not even a percentage, that was just for you. :grin:

But anyways, that’s good news.


#17

Yeah and by the way, HUGE thanks for posting this :+1::bow: That kind of slipped out of my previous replies.


#18

Thanks for the heads up!


#19

There is a way to scrape e-mails from accounts. Seen’t it on Reddit a few months back.


#20

Do you mean this? https://www.reddit.com/r/SEO/comments/5oy3wj/found_a_way_to_scrape_emails_and_urls_from/

That’s only getting emails from the BIO, which is nothing new. If you could do it for every profile, it would be a massive exploit so I don’t think thats possible/public.