Share

• Copy link
• Facebook
• X
• Reddit
• Email

Share this article

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the Tom's Guide Newsletter

Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!

Become a Member in Seconds

Unlock instant access to exclusive member features.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Daily (Mon-Sun)

Tom's Guide Daily

Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.

Signup +

Weekly on Thursday

Tom's AI Guide

Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!

Signup +

Weekly on Friday

Tom's iGuide

Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.

Signup +

Weekly on Monday

Tom's Streaming Guide

Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.

Signup +

---

Join the club

Get full access to premium articles, exclusive features and a growing list of member rewards.

Explore

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

Getting verified on social media can make all the difference for an aspiring influencer which is why a new Instagram phishing campaign making the rounds online is trying to lure in users with the promise of a blue badge.

For those unfamiliar, Instagram users that have been verified by the Meta-owned social network receive a blue badge with a checkmark next to their username in a similar way to how Twitter handles verification.

First discovered by the email security company Vade back in July and detailed in a new blog post, the latest Instagram phishing campaign aims to dupe users into divulging their personal information and account credentials.

If you’re an active Instagram user with hopes of getting verified, you’ll want to be on the lookout for an email with the subject line “ig bluebadge info” with an email address that begins with “ig-badges”. While the email uses spoofed Instagram and Facebook logos at the header and footer to appear more legitimate, Instagram explains in a support page in its Help Center that verification is done entirely through its platform and never over email.

A classic case of phishing

Although an Instagram user eager to get verified may fall for this phishing campaign, closely examining the body of the email itself quickly reveals that it’s a scam.

Several grammatical errors and typos appear throughout the email and Vade points out that it also includes a phrase commonly used by scammers: “Thanks, you instagram team”. The email also tries to instill a sense of urgency by telling potential victims that “the form will be permanently deleted within 48 hours”.

The cybercriminals behind this new phishing campaign hope that Instagram users will be so excited about finally getting verified that they will overlook these details and click on the blue button at the bottom of the email which reads “Badge Form”.

Stealing user credentials and info with the promise of a blue badge

If a user ends up skimming through the email and clicking on the Badge Form button, they are taken to a malicious website with the domain name “teamcorrectionbadges”. Here, the scammers hope that victims believe Instagram uses a different website besides its own to verify users.

This Badge Form page also tries to appear legitimate by copying the brand colors of Instagram and Meta’s logo. However, there are also several grammatical mistakes and punctuation errors which are a dead giveaway that this is a scam.

A form prompts potential victims to enter their Instagram handle along with their name, email and phone number in order to be verified. After the page refreshes, another field appears where users are prompted to input their password and login.

After this is done, a confirmation message appears with a bogus Case ID and tells them that the team will contact them as soon as possible with the average time being 48 hours.

This particular Instagram phishing campaign began on July 22 and more than 1,000 emails were sent out per day to potential victims. Vade notes that the scammers behind the campaign did their homework and included each victim's actual Instagram handle in their phishing emails.

How to stay safe from verification scams

Verification scams have become more popular as social media platforms like Instagram and Facebook have grown inside. 

In fact, according to Vade’s own Phiser’s Favorite Report, social media companies are the fourth most phished websites of any industry with Facebook being the second most impersonated brand.

Impersonating social media brands makes sense for scammers and verification is the perfect lure to trick users into giving up their credentials and personal information. At the same time, verification remains a mysterious and misunderstood process for many social media users.

To avoid falling victim to this and other verification scams, it’s important to keep in mind that social networks conduct verification assessments using their own platforms and never through email. Likewise, any email can be spoofed so you should always remain cautious when opening any message in your inbox, even if they appear to come from an official account.

When it comes to phishing, you should always look for the common signs of phishing scams which include instilling a sense of urgency along with spelling and grammatical mistakes.