Worried about how secure Instagram is? you’re not alone. Like all social media platforms, its terms and conditions are quite lengthy and full of technical language, which makes it difficult to know what you are signing up for.
Here to help you get an idea of the potential threats and security on Instagram, we contacted some security experts to see what they think about its data policies and if it’s the best way to protect its users from hackers. is sufficient.
what is instagram
Instagram is an image-based social network that hit our screens in 2010, racking up an impressive 25,000 users in just one day. As of 2012, the app was purchased by Facebook and has since continued to grow to an audience of young and old alike.
Since its humble beginnings, questions have been raised over Instagram’s security and whether the app is doing enough to protect its user’s data and personal information.
In one of the most recent updates, Instagram bought a feature that allows users to set up two-factor authentication so they can be notified if an unfamiliar device tries to log into their account. . But, is it too late?
What are the dangers of Instagram?
Some of the threats to Instagram include hackers, phishing profiles, and potentially harmful content posted on the site. Right now, Instagram has a few ways to deal with these problems.
“While the apps on your smartphone can be fun and engaging, people should make an informed decision about how much they are willing to share online. We entrust so much valuable personal data, such as addresses, payments, to social media platforms. information and photos, people should take their online privacy seriously,” David Emm, Kaspersky’s Principal Security Researcher, told Credible Review.
“Regardless of the platform people are using and any specific vulnerabilities identified, people need to develop similar security procedures to reduce the risk of attacks on their devices,” Amm says.
According to Emm, one of the most common methods used by criminals to gain access to social network accounts is phishing.
Phishing is a popular type of online scam where criminals impersonate legitimate organizations by using social media or other platforms to steal sensitive information. Phishing profiles can also come in the form of accounts that look like a normal person, with many people on Instagram actually copying their own profile and trying to trick that user’s followers into interacting with them. is inspired to.
“In many instances, Instagram users are looking for vulnerabilities themselves: they give up their credentials by entering phishing websites, unauthenticated apps, and fake web pages. Because of its popularity, Instagram has always attracted large amounts of fraud – the platform The number of people using it now exceeds one billion.
“Once a criminal hacks a user’s account, they can gain access to that user’s personal data and their correspondence. And the user’s profile can be turned into a source of malicious content, phishing and spam,” Emm explained.
What security does Instagram have?
Instagram has been very slow compared to other social media sites, introducing the security check feature and sensitive content control feature within the last month.
The more meaningful of the two, the Security Checkup feature sets up two-factor authentication, which means verifying a user’s account with a trusted phone number or a third-party app to limit other users from joining it. Will happen.
“This is a welcome addition to Instagram and is long overdue. It lags behind its peers in a security model and has been the victim of some high-profile security compromises (such as the abuse of Direct Messages in 2020.) Adding two-factor authentication is something that all cloud services should offer as a standard, so it’s a welcome move by Instagram,” Tom Gaffney, security consultant at F-Secure, told Trusted Reviews.
Kaspersky focuses on cyber security solutions and services, including protecting people’s personal data on social media.
“Instagram’s popularity makes it an attractive target for criminals and their recent launch of the ‘Security Check’ feature will certainly help people secure their accounts and help those whose accounts recover them. However, this will not completely prevent the problem,” said Emm.
Two-factor authentication will unfortunately have no effect on those who choose to impersonate others on the platform, as pointed out by Gaffney from F-Secure.
“Since there is no external check on who sets up accounts, there is nothing Instagram can do to prevent users from creating fake accounts using other people’s names. The only recourse for people who have accounts in their names is to monitor them and alert Instagram directly,” Gaffney explains.
What other action should users take?
Kaspersky’s Principal Security Researcher suggested that users need to take control of their accounts, warning that people should not click on suspicious links and should always use the official Instagram app from the official App Store, such as Google Play for Android and App Store for iOS. .
“To take control of their digital identity, all consumers should be vigilant about the information they share with online organizations, review privacy settings, and use strong, unique passwords and two-factor authentication on all digital services. It’s also important to review cookie policies, to make sure you’re not sharing too much data with companies,” AMM told Trusted Review.
F-Secure builds detection and response solutions and provides cybersecurity services to businesses and individuals, and its security advisor Gaffney suggested that users need to do more to keep their data secure.
“In addition to enabling two-factor authentication, users should use a strong password for their account and a different password for each service such as Facebook, eBay, Amazon, etc. If it is difficult to create strong separate passwords, So consider using a password manager, explained Gaffney to Trusted Reviews.
“Users of Instagram should also review their privacy settings, and limit undesirable or harmful comments by restricting who you post and who can message you. That’s why they should also check your followers and consider setting their posts to private.”
Another way to keep yourself safe on the app is to make sure that you never send your personal information to anyone on the app, especially someone you don’t know.
Also, pay attention to the address bar for the URL, make sure you’re not clicking on a fake link that looks real, such as ‘1nstogram.com’ or ‘instagram.security-settings. com’ ‘. If you’re concerned, it’s better to type the address yourself.
Why should you enable two-factor authentication on Instagram?
It’s still a new feature on the app, but experts are encouraging everyone using Instagram to make sure they’ve taken the time to set up authentication.
“Two-factor authentication is one of the best security developments in recent years. From your bank to your favorite shopping sites, and all the big social media companies like Google and Facebook offer it to keep your account secure, Gaffney claims.
“Two-factor authentication means that you enroll in your account another trusted communication channel, usually a phone number or email address. When a cloud entity sees “suspicious” activity such as login from a different device, location, email or mobile number, they can send an authentication code to your trusted number/device.”
It is also important to prevent attacks on your account.
“Two-factor authentication comes into play when a company gets hacked, or if someone tries to log into your account. A hacker may know your username or password and try to reset these so that they can misuse your accounts. If you’ve set it up, they can’t access your account or make changes unless they can also access messages from your trusted number.
Two-factor authentication isn’t difficult to set up either, and can be done within the Instagram app in minutes.
Kaspersky is also an anti-virus provider, which means it can protect your device from nasty viruses that you might catch from certain phishing emails or suspicious sites.
“Consumers should always use two-factor authentication, as it adds an essential layer of security. Anyone trying to log into your account needs to provide an additional means to verify your identity.” such as a one-time passcode delivered via an app, text message or email, or a physical device that generates the passcode,” said M.
“Most people use their e-mail address as a username and a static password. With two-factor authentication enabled, an additional — per access — passcode is required. So even if your username and password If it is compromised, attackers will not be able to access your account because they will not have a one-time passcode.”
If you’re interested in more ways to protect your data online, check out our list for the best VPNs in the first link.