In a rising trend of social media scams, an Abu Dhabi resident, Palestinian Canadian first-aid trainer Tamim, had her Instagram account hijacked by hackers posing as bitcoin investors. Hackers then deceived her followers, tricking them out of tens of thousands of dirhams through fraudulent bitcoin investment schemes.
-
How the Scam Unfolded
Tamim was contacted by someone pretending to be the brother of an old friend, who persuaded her to invest in bitcoin. The hacker requested her phone verification code under the guise of setting up her investment account. After Tamim shared the code, she was instantly locked out of her Instagram account, which the scammer used to reach out to her followers with enticing messages, showcasing images of cash and bitcoin “profits.”
Over the following weeks, Tamim's followers were targeted, with at least three victims losing over Dh10,000 each. One follower, a Dubai banker, was scammed out of $30,000 after a message supposedly from Tamim promised high returns on bitcoin investments. Another victim in Saudi Arabia even borrowed a credit card to pay the fraudsters.
After unsuccessful attempts to contact Instagram for account recovery, Tamim paid an IT expert to terminate her hacked account, prioritizing her followers’ safety over regaining access. Reflecting on the experience, she now practices increased caution, avoiding unsolicited messages and unknown links.
Social Engineering and How Scammers Operate
Abu Dhabi Police’s cybercrime head, Lt Col Ali Al Nuaimi, described this scheme as social engineering, where scammers manipulate victims into divulging sensitive details. In such scams, hackers often redirect victims to fake login pages that resemble Instagram or similar platforms, capturing usernames and passwords without needing advanced hacking skills.
“Hackers don’t always directly hack accounts,” said Lt Col Al Nuaimi. “By leading you to enter your details on a fake page, you hand them the key to impersonate you.”
Tips to Avoid Falling Victim to Social Media Scams:
-
Never Share Verification Codes: Avoid sharing phone verification codes with anyone, even if the request appears to come from someone you know.
-
Verify Unusual Messages: If a friend or family member contacts you with unusual investment offers, verify their identity through another communication method.
-
Avoid Unknown Links and Login Pages: Only log in to social media accounts directly through official apps or websites. Avoid entering personal details on unfamiliar pages.
-
Strengthen Your Account Security: Enable two-factor authentication (2FA) on your social media accounts for an added layer of security.
-
Report and Block Suspicious Messages: Report any suspicious messages or accounts to the platform, and avoid responding to unsolicited requests from strangers.
-
As social media scams grow in sophistication, UAE residents are encouraged to stay vigilant and protect themselves from social engineering tactics that can turn trusted online interactions into financial nightmares.