ZeroFox Research Team Publishes Exclusive Research on Instagram Scam Epidemic

ZeroFox Research Team Publishes Exclusive Research on Instagram Scam Epidemic
3 minute read

Get a free copy of the full ZeroFox Research paper on Instagram cam posts, Post Grams Not Scams, by clicking here.

ZeroFox Research today published Post Grams Not Scams, a research paper exposing the vast world of financial scams targeting Instagram accounts. The paper delivers a behind-the-scenes view of money flipping scams on Instagram through the use of applied research and machine learning algorithms developed and trained over millions of Instagram scam posts.

The results show 4,574 unique Instagram scam posts in over 2 million posts analyzed. Three scams are created for every 1 taken down and 80% of scam posts have lifespans of over 45 days -- all causing financial and personal losses.

ZeroFox conducted the research and developed new machine learning technology to showcase and ultimately address this critical yet unrecognized problem. It impacts virtually all major financial institutions and banks, with losses to the tune of hundreds of millions of dollars in annually. More scams and fraud will be covered in future research.

ZeroFox Research Paper Executive Summary

The rise of social networking has created an unprecedented platform for the average Jane or Joe to engage and interact with each other and with businesses on a global scale. From sharing pictures of cats to organizing revolutions, social media has radically transformed the nature of human communication.

There is, unfortunately, a darker side to this evolution. As more and more people become connected on social platforms, cyber criminals find themselves with more numerous and accessible potential targets than ever before. Social media’s inherent trust, ease of use, scale, and anonymity render it the ideal platform for cyber criminals and scammers.

Over a recent 4 month period, the ZeroFox Research Team identified thousands of scams targeting major financial institutions and their customers across Instagram. The team built a machine learning classifier and analyzed Instagram scam posts in relation to 37 of the biggest U.S. financial institutions. Over the course of the study, the classifier analyzed over 2 million historical posts from the last 2 years. In addition, ZeroFox engaged with scammers using a honey-pot Instagram account in order to better understand their tactics.

The scams, called money flipping scams, extort victims into sending money or disclosing banking information. The scammer promises to “flip” their money and return a huge profit. The scammers use Instagram to advertise their services with pictures of money, luxury goods and drugs as well as hijacking bank hashtags to target bank’s customers. They particularly target the poor and members of the military. At the end of the day, the banks often eat the cost, resulting in a considerable financial loss for both consumers and banks alike.

By the numbers:

  • 2 million - Instagram posts analyzed
  • 3 - scams created for every 1 taken down
  • 80 - percent of scam posts with a lifespan greater than 45 days
  • 4,574 - total number of unique scams identified by the ZeroFox classifier
  • 37 - number of top financial institutions’ hashtags used to gather data
  • 23 - number of scammers that engaged with the ZeroFox burner profile after we followed several major financial institutions
  • 1,386 - unique scammer accounts actively creating money flipping posts
  • 98.74% - accuracy of the predictive model
  • 420,000,000 - estimated global cost to banks of Instagram scam posts over one year

The research showed that every top U.S. financial firm had Instagram scam attacks, whether or not the institution was had owned corporate accounts on social media. Most were targeted seemingly unknowingly. The research also found that this is but one of many financial scams on social media today and that many organizations remain unprotected.

Get a free copy of the full ZeroFox Research paper, Post Grams Not Scams, by clicking here.

The ZeroFox Research Team recently published another report, Network Compromise Via Social Media Exploitation, during Black Hat. The team also presented 5 talks between Black Hat, DEFCON and BSidesLV.

The ZeroFox Research Team is dedicated to investigating malicious activity on social media to better understand how to protect people, organizations and brands. The group is composed of curious and determined scientists, engineers and writers; both techies and visionaries. We are committed to integrity in all aspects of our research process, from data collection to reporting.

Tags: Breaches

See ZeroFox in action