Breaking News Emails
It's an old con with a millennial twist.
A new report details how scammers are targeting banks' followers on Instagram in the hope of luring them into handing over money with the false promise of delivering back a handsome return.
ZeroFOX, a social media security company, conducted a two-year study analyzing more than 2 million posts to understand how scammers are attempting to con users into a money-flipping scheme.
"Although its newer on social media, these techniques hearken back to the most classic scams in history"
Here's how it works: Scammers often flaunt wealth and talk about investment opportunities target people who have just begun following a financial institution on Instagram.
If the person accepts a scammer's request, they will then receive a direct message offering a way to get in on the deal if they just hand over money and are willing to share a cut of the fake investment.
The venue may be relatively new but these are old tricks, Phil Tully, a senior data scientist at ZeroFOX, told NBC News.
"Although its newer on social media, these techniques hearken back to the most classic scams in history," Tully said.
The ZeroFOX team built a machine-learning classifier to help predict whether a post is a scam. It looked at everything from hashtags used to advertise money flipping to image recognition. It had nearly 99 percent accuracy, according to the report.
"They use different kind of techniques to socially engineer their victims. You have tools like hashtags and @ mentions that make it easy to broadcast your message to a large public audience," Tully said.
The analysis found 4,574 unique scams, according to ZeroFOX. Of those posts, 80 percent had a lifespan of more than 45 days, the report said, meaning the scams stayed up on Instagram.
Evan Blair, co-founder of ZeroFOX, said the scam is already costing financial institutions money.
"One of the reasons we got into this because we work with a lot of financial services firms and this is problem they were experiencing," he said. :This is a multi-million dollar problem for our clients, replenishing funds for victims of fraud, in addition to the indirect cost of staffing a security team to continually look for this and play wack-a-mole."
A representative for Instagram told NBC News the company is reviewing the report.
Instagram already employs machine-learning tactics to detect and prevent abuse, in addition to coordinating with banks and other companies through its ThreatExchange platform
Those systems can run more than two million classifiers, which are retrained every day to remain hyper-aware of the evolving tactics used by scammers.
Even though Blair said it may look like a "needle in a digital haystack," it's important users remain vigilant for any bad actors, even in places where they might not be expected.
"I think the overarching message here for individuals is don't trust something that appears too good to be true," he said.