Chances are that unless you pulled a Tom Hanks in Castaway, you have probably heard of Instagram by now. The photographical social network, owned by Facebook, has over 400 million active users per month that typically average over 80 million photos uploaded a day that garner 3.5 billion likes.
So needless to say, it’s pretty popular. A post last month from our colleagues over at Threatpost discussed a spat between researchers and a bug reported to Facebook’s Bug Bounty Program got our team at Kaspersky Daily discussing how we use Instagram and how it is another area where we see too many users over-sharing.
— Kaspersky Lab (@kaspersky) December 18, 2015
At one point in the conversation Serge M. noted that whenever he logs in, he sees more pictures of one friend’s kid than could possibly fit into a lifetime of family photo albums.
As a follow-up, we soon wondered of how secure these free-sharers were actually exercising privacy settings on one of the world’s largest apps and social networks. So instead of going person to person, our team decided to offer some free hygiene advice for our favourite photo-sharing site.
— Kaspersky Lab (@kaspersky) October 6, 2015
We talk A LOT about passwords on Kaspersky Daily, but since we are in the over-sharing train of thought, remember that they are like underwear and you should change them frequently and never re-use them. Any particular service can be a gateway to other social networks or email accounts and since re-using usernames is pretty commonplace for social networks, you should really make sure to have your password strong and unique.
— Kaspersky Lab (@kaspersky) November 26, 2015
Are you an exhibitionist? Do you like people seeing what you do 24/7? If so, please skip this note. However if you are like many people out there, you only want to be sharing with those you actually know.
So if you want to keep your Instagram in this mode, select the “Private Account” option under the “Options.” I highly recommend this to any parent out there who shares photos of their children as a way to stay connected with friends and family around the world.
Now I’m not your parent, so I won’t lecture you on how or whom you share with, but it’s my job to tell you that some creepy dude with Candy written on the side of his van may see pictures of Suzie’s tumbling class, Johnnie’s judo school or Alex’s daycare; or that you work at 500 Unicorn Park Dr and are there for 9 hours a day sharing images from your office or traveling two weeks a month.
While I am not trying to scare you, there are bad people out there. We would only recommend the “Public” setting for folks who need to be in the public eye and have no choice Thanks TMZ or brands, like Kaspersky Lab.
— Kaspersky Lab (@kaspersky) October 26, 2015
Sharing is caring?
Much like many other social media outlets, there are vendors and tools that will tie into Instagram’s API. Generally this is seen as a way to make sharing easier, resharing someone else’s photo or enter a contest. The real question for you is:
Do you know what you are sharing?
Or more importantly Does company X really NEED this information?
If you don’t know the answer — and you probably don’t (no one reads those things) — you should really log into your Instagram account online and check out what apps you’ve logged into with your Instagram account.
One of the things that stands out to me is that Instagram is overall pretty strict on the app permissions, however when using a 3rd party app, you extend your vulnerability for your account to be compromised. It happened as recently as this past November with InstaAgent.
— Kaspersky Lab (@kaspersky) March 24, 2015
Don’t fall for the bots
I have a private account on Instagram. This means that if you want to follow me, I have to approve you. However even with that setup, I tend to get MANY follow requests from beautiful women (their words, not mine) looking for boyfriends, sugar daddies, signing up for cams and some other awkward things. Fellas — these are fembots. They are not real women. Don’t send them PMs, or click on the links that they send to you.
HELP! I’ve been hacked
No one likes to find out that they have been compromised. Trust me, we understand that it sucks. Instagram is a popular topic to hack accounts — over 1.3M results come up on Google and there is even a thread on Quora that goes into sites to learn how to hack into people’s account (don’t be a jerk yourself — don’t do that).
With that said, there are some things that you can do should you think your account has been compromised. The first is to login via web or mobile and see if you can change your password and settings. If this does not work or if you have been locked out of your account, the best thing to do is to visit Instagram’s Help Center. From there, you can reset your password.
In the Help Center, you can also report Spam accounts, hate speech accounts or self-harm that you’ve seen among other things.
Follow these tips and you’ll be one step closer to a social network away from the prying hands of the dastardly villains of the interwebz.