{"id":24021,"date":"2025-04-28T17:29:06","date_gmt":"2025-04-28T13:29:06","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/?p=24021"},"modified":"2025-04-28T17:29:06","modified_gmt":"2025-04-28T13:29:06","slug":"how-to-protect-your-account-from-sim-swapping","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/how-to-protect-your-account-from-sim-swapping\/24021\/","title":{"rendered":"SIMulated giveaway on Instagram: the prize is your account!"},"content":{"rendered":"<p><em>\u201cI\u2019m giving away $125 000! Join the project via the link in my profile!\u201d<\/em><\/p>\n<p>\u2014 suddenly, a popular Russian blogger launches a massive cash giveaway on Instagram. A familiar face, speaking in upbeat voice and confident tone, appears in Stories. It all looks too good to be true\u2026<\/p>\n<p>That\u2019s because it is. There\u2019s no real project. The blogger didn\u2019t launch anything. Her account was simply hijacked. And the scammers went beyond the usual tricks: not only did they steal access and post a fake giveaway link, but they also stitched together a new video from old footage and dubbed it with a voice generated by neural networks. Read the whole story to learn how Instagram accounts are stolen by swapping SIM cards \u2014 and what you can do to protect yourself.<\/p>\n<h2>An almost flawless scam campaign<\/h2>\n<p>With the rise of AI tools, scammers have suddenly gotten \u201csmarter\u201d. Before, having hacked a blogger, they\u2019d have just posted phishing links and hoped the audience would bite. Now they can run full-fledged PR campaigns from the stolen account. Here\u2019s what the scammers did this time:<\/p>\n<ul>\n<li><strong>One short video. <\/strong>They wrote a script, voiced it with a deepfake of the blogger\u2019s voice, and edited together visuals from her previously posted Reels.<\/li>\n<li><strong>A text post. <\/strong>They published a photo with a tear-jerking caption about how hard it was to launch the project, trying to mimic the blogger\u2019s usual tone.<\/li>\n<li><strong>Four Stories. <\/strong>They reused old Stories where the blogger mentioned a real project, added a link to a phishing site, and reposted them.<\/li>\n<\/ul>\n<p>All this lends the fake project an air of legitimacy \u2014 since bloggers often use content like this across different formats to promote real initiatives. The scammers spared no effort \u2014 even throwing in some testimonials from grateful fans; fake ones, of course.<\/p>\n<div id=\"attachment_53344\" style=\"width: 590px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2025\/04\/28153717\/how-to-protect-your-account-from-sim-swapping-01.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-53344\" class=\"size-large wp-image-53344\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2025\/04\/28153717\/how-to-protect-your-account-from-sim-swapping-01-580x1024.jpg\" alt=\"Fake testimonials aimed at encouraging more fans to participate\" width=\"580\" height=\"1024\"><\/a><p id=\"caption-attachment-53344\" class=\"wp-caption-text\">Fake testimonials aimed at encouraging more fans to participate<\/p><\/div>\n<p>Let\u2019s take a closer look at the video. At first glance, it\u2019s surprisingly high-quality. It follows all the blog\u2019s rules: the blog\u2019s topic (home renovation), voiceover narration, quick editing. But upon closer examination, the illusion is shattered. Check out the screenshot below: only one video has a watermark in the top-left corner \u2014 from the free version of the editing app CapCut. That\u2019s the fake. The other videos don\u2019t have this watermark \u2014 because the real blogger either uses the premium version or edits with another app.<\/p>\n<div id=\"attachment_53343\" style=\"width: 511px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2025\/04\/28153736\/how-to-protect-your-account-from-sim-swapping-02.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-53343\" class=\"size-large wp-image-53343\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2025\/04\/28153736\/how-to-protect-your-account-from-sim-swapping-02-501x1024.jpg\" alt=\"The first video is the fake one created by the scammers\" width=\"501\" height=\"1024\"><\/a><p id=\"caption-attachment-53343\" class=\"wp-caption-text\">The first video is the fake one created by the scammers<\/p><\/div>\n<p>There\u2019s another detail: the subtitles. In all her real videos, the blogger uses plain white text with no background. In the fake video, the text is white on a black background. Sure, bloggers sometimes change their style, but usually settings like font and color are saved in their editing software and stay consistent.<\/p>\n<h2>What happens if you click the link in the profile?<\/h2>\n<p>Here\u2019s where it gets interesting. What kind of \u201cproject\u201d exactly were the scammers promoting, and what happens if you click the link?<\/p>\n<div id=\"attachment_53342\" style=\"width: 511px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2025\/04\/28153809\/how-to-protect-your-account-from-sim-swapping-03.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-53342\" class=\"size-large wp-image-53342\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2025\/04\/28153809\/how-to-protect-your-account-from-sim-swapping-03-501x1024.jpg\" alt=\"The bio looks suspicious\" width=\"501\" height=\"1024\"><\/a><p id=\"caption-attachment-53342\" class=\"wp-caption-text\">The bio looks suspicious<\/p><\/div>\n<p>If you\u2019re using a device without <a href=\"https:\/\/me-en.kaspersky.com\/premium?icid=me-en_bb2022-kdplacehd_acq_ona_smm__onl_b2c_kdaily_lnk_sm-team___kprem___\" target=\"_blank\" rel=\"noopener\">reliable protection<\/a>\u00a0(which would warn you if you try to visit a phishing site), you\u2019ll land on a very basic page: a flashy image, some eye-catching text, and a <strong>Claim your prize<\/strong> button. Clicking such buttons typically leads to one of two outcomes: you\u2019ll be asked to pay a commission, or prompted to enter your data \u2014 purportedly to receive your winnings. In any case, you\u2019ll be asked to share your bank details. Of course, no prize is coming \u2014 it\u2019s pure phishing.<\/p>\n<div id=\"attachment_53341\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2025\/04\/28153832\/how-to-protect-your-account-from-sim-swapping-04.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-53341\" class=\"size-large wp-image-53341\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2025\/04\/28153832\/how-to-protect-your-account-from-sim-swapping-04-1024x768.jpg\" alt=\"A girl with dollars and a smartphone symbolizes the riches that await\u2026 the scammers after they steal your banking account\" width=\"1024\" height=\"768\"><\/a><p id=\"caption-attachment-53341\" class=\"wp-caption-text\">A girl with dollars and a smartphone symbolizes the riches that await\u2026 the scammers after they steal your banking account<\/p><\/div>\n<h2>How did attackers hack the blogger\u2019s Instagram account?<\/h2>\n<p>Important: there\u2019s no official version of how the account was compromised yet. It\u2019s a high-profile case, and the blogger has reported it to the police. She currently suspects she fell victim to a <a href=\"https:\/\/www.kaspersky.com\/blog\/what-is-sim-swapping\/50797\/\" target=\"_blank\" rel=\"noopener nofollow\">SIM-swap attack<\/a>. In short, this means that the scammers convinced her mobile provider to transfer her phone number to a new SIM card. There are two main ways this can be done:<\/p>\n<ul>\n<li><strong>Old method.<\/strong> Scammers forge a power of attorney and physically visit the mobile provider\u2019s office to request a SIM replacement.<\/li>\n<li><strong>New method.<\/strong> The criminals access the victim\u2019s online account provided by the mobile carrier and remotely issue an eSIM.<\/li>\n<\/ul>\n<p>SIM swapping allowed scammers to bypass two-factor authentication and convince Instagram support that they were the real account owners. Similar tricks can be used with any service that sends verification codes via text \u2014 including online banks.<\/p>\n<p>As for the blogger\u2019s original SIM card, it instantly turned into a useless piece of plastic: no internet, no calls, no texts.<\/p>\n<h2>How to protect your account from being hacked<\/h2>\n<p>Here are the basic rules to prevent most types of account hacks \u2014 whether on messaging apps, social networks, forums, or other sites:<\/p>\n<ul>\n<li><strong>Use advanced<\/strong> <a href=\"https:\/\/www.kaspersky.com\/blog\/types-of-two-factor-authentication\/48446\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>two-factor authentication<\/strong><\/a><strong> with app-generated codes instead of texts (SMS). <\/strong>For Instagram, we recommend also adding a backup method: <strong>Settings and activity \u2192 Accounts Center \u2192 Password and security \u2192 Two-factor authentication \u2192 Add a backup method.<\/strong> Then, <a href=\"https:\/\/me-en.kaspersky.com\/password-manager?icid=me-en_kdailyplacehold_acq_ona_smm__onl_b2c_kasperskydaily_wpplaceholder____kpm___\" target=\"_blank\" rel=\"noopener\">download a dedicated app<\/a>\u00a0to generate your login codes.<\/li>\n<li><strong>Install <a href=\"https:\/\/me-en.kaspersky.com\/premium?icid=me-en_bb2022-kdplacehd_acq_ona_smm__onl_b2c_kdaily_lnk_sm-team___kprem___\" target=\"_blank\" rel=\"noopener\">reliable protection on all your devices<\/a><\/strong><strong>.<\/strong> Pre-installed antivirus protection will block phishing links and protect you from various malware.<\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/kaspersky-international-password-day-2024\/51095\/\" target=\"_blank\" rel=\"noopener nofollow\"><strong>Create strong, unique passwords<\/strong><\/a><strong>.<\/strong> If you\u2019re short on imagination, let <a href=\"https:\/\/me-en.kaspersky.com\/password-manager?icid=me-en_kdailyplacehold_acq_ona_smm__onl_b2c_kasperskydaily_wpplaceholder____kpm___\" target=\"_blank\" rel=\"noopener\">Kaspersky Password Manager<\/a>\u00a0do it for you and keep them safe.<\/li>\n<li><strong>Follow the golden rule: each service has its own unique password. <\/strong>That way, hackers won\u2019t get access to everything at once.<\/li>\n<li><strong>Ask your mobile operator<\/strong> if it\u2019s possible to either completely prohibit servicing you remotely, or set up a special code you must state in every interaction \u2014 remote or in person. This can help protect you from SIM-swapping attacks.<\/li>\n<\/ul>\n<blockquote><p>More to read on protecting your accounts from hacking:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/telegram-account-hacked\/52775\/\" target=\"_blank\" rel=\"noopener nofollow\">What to do if your Telegram account is hacked<\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/messengers-101-safety-and-privacy-advice\/53300\/\" target=\"_blank\" rel=\"noopener nofollow\">Messengers 101: safety and privacy advice<\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/keep-instagram-secure\/11045\/\" target=\"_blank\" rel=\"noopener nofollow\">Instagram\u2019s updated security and privacy settings<\/a><\/li>\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/whatsapp-account-hacked\/53069\/\" target=\"_blank\" rel=\"noopener nofollow\">What to do if your WhatsApp account gets hacked<\/a><\/li>\n<\/ul>\n<\/blockquote>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"premium-crypto-generic\">\n","protected":false},"excerpt":{"rendered":"<p>A popular blogger\u2019s Instagram account was hijacked using a SIM-swap attack, and deepfakes were generated to scam followers. <\/p>\n","protected":false},"author":2706,"featured_media":24023,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1225],"tags":[2828,2252,80,734,76,695,949,46,2794],"class_list":{"0":"post-24021","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-privacy","8":"tag-bloggers","9":"tag-deepfakes","10":"tag-fraud","11":"tag-instagram","12":"tag-phishing","13":"tag-scam","14":"tag-sim-cards","15":"tag-sms","16":"tag-two-factor-authentication"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/how-to-protect-your-account-from-sim-swapping\/24021\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/how-to-protect-your-account-from-sim-swapping\/28787\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/how-to-protect-your-account-from-sim-swapping\/12389\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/how-to-protect-your-account-from-sim-swapping\/28900\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/how-to-protect-your-account-from-sim-swapping\/28084\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/how-to-protect-your-account-from-sim-swapping\/30922\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/how-to-protect-your-account-from-sim-swapping\/29630\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/how-to-protect-your-account-from-sim-swapping\/39428\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/how-to-protect-your-account-from-sim-swapping\/13326\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/how-to-protect-your-account-from-sim-swapping\/53337\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/how-to-protect-your-account-from-sim-swapping\/22757\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/how-to-protect-your-account-from-sim-swapping\/23691\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/how-to-protect-your-account-from-sim-swapping\/32140\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/how-to-protect-your-account-from-sim-swapping\/29061\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/how-to-protect-your-account-from-sim-swapping\/34844\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/how-to-protect-your-account-from-sim-swapping\/34476\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/instagram\/","name":"Instagram"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/24021","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=24021"}],"version-history":[{"count":2,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/24021\/revisions"}],"predecessor-version":[{"id":24025,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/24021\/revisions\/24025"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/24023"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=24021"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=24021"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=24021"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}