Received an email about getting verified on Instagram It s a phishing scam Tom's Guide Skip to main content Tom's Guide is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Here's why you can trust us. Received an email about getting verified on Instagram It s a phishing scam By Anthony Spadafora published 1 September 2022 New blue badge phishing scam preys on Instagram users trying to get verified (Image credit: one photo/Shutterstock) Getting verified on social media can make all the difference for an aspiring influencer which is why a new Instagram phishing campaign making the rounds online is trying to lure in users with the promise of a blue badge. For those unfamiliar, Instagram users that have been verified by the Meta-owned social network receive a blue badge with a checkmark next to their username in a similar way to how Twitter handles verification. First discovered by the email security company Vade back in July and detailed in a new blog post (opens in new tab), the latest Instagram phishing campaign aims to dupe users into divulging their personal information and account credentials. If you're an active Instagram user with hopes of getting verified, you'll want to be on the lookout for an email with the subject line "ig bluebadge info" with an email address that begins with "ig-badges". While the email uses spoofed Instagram and Facebook logos at the header and footer to appear more legitimate, Instagram explains in a support page in its Help Center that verification is done entirely through its platform and never over email. A classic case of phishing (Image credit: Shutterstock) Although an Instagram user eager to get verified may fall for this phishing campaign, closely examining the body of the email itself quickly reveals that it's a scam. Several grammatical errors and typos appear throughout the email and Vade points out that it also includes a phrase commonly used by scammers: "Thanks, you instagram team". The email also tries to instill a sense of urgency by telling potential victims that "the form will be permanently deleted within 48 hours". The cybercriminals behind this new phishing campaign hope that Instagram users will be so excited about finally getting verified that they will overlook these details and click on the blue button at the bottom of the email which reads "Badge Form". Stealing user credentials and info with the promise of a blue badge If a user ends up skimming through the email and clicking on the Badge Form button, they are taken to a malicious website with the domain name "teamcorrectionbadges". Here, the scammers hope that victims believe Instagram uses a different website besides its own to verify users. This Badge Form page also tries to appear legitimate by copying the brand colors of Instagram and Meta's logo. However, there are also several grammatical mistakes and punctuation errors which are a dead giveaway that this is a scam. A form prompts potential victims to enter their Instagram handle along with their name, email and phone number in order to be verified. After the page refreshes, another field appears where users are prompted to input their password and login. After this is done, a confirmation message appears with a bogus Case ID and tells them that the team will contact them as soon as possible with the average time being 48 hours. This particular Instagram phishing campaign began on July 22 and more than 1,000 emails were sent out per day to potential victims. Vade notes that the scammers behind the campaign did their homework and included each victim's actual Instagram handle in their phishing emails. How to stay safe from verification scams (Image credit: Shutterstock) Verification scams have become more popular as social media platforms like Instagram and Facebook have grown inside. In fact, according to Vade's own Phiser's Favorite Report, social media companies are the fourth most phished websites of any industry with Facebook being the second most impersonated brand. Impersonating social media brands makes sense for scammers and verification is the perfect lure to trick users into giving up their credentials and personal information. At the same time, verification remains a mysterious and misunderstood process for many social media users. To avoid falling victim to this and other verification scams, it's important to keep in mind that social networks conduct verification assessments using their own platforms and never through email. Likewise, any email can be spoofed so you should always remain cautious when opening any message in your inbox, even if they appear to come from an official account. When it comes to phishing, you should always look for the common signs of phishing scams which include instilling a sense of urgency along with spelling and grammatical mistakes.Bitdefender Total Security (opens in new tab)$36 (opens in new tab)Bitdefender Total Security - 2 Years (opens in new tab)$104.99 (opens in new tab)Bitdefender Total Security 2020 - 3 (opens in new tab)$199.99 (opens in new tab)Visit Site (opens in new tab)at Bitdefender (opens in new tab) Be In the Know Get instant access to breaking news, the hottest reviews, great deals and helpful tips. Anthony SpadaforaSenior Editor Security and NetworkingAnthony Spadafora is the security and networking editor at Tom's Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he's not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. Topics Security See all comments (0) No comments yet Comment from the forums MOST READMOST SHARED1Amazon Prime Early Access Sale - best deals right now2iPhone 14 Pro's chip reportedly costs more than double iPhone 13 Pro3Google Pixel event recap - Pixel 7, Pixel Watch, Pixel Tablet and latest news4Hell Let Loose is too good for its own good5I'm an avid Google Maps guide - here's why it's my favorite place to post1iPhone 14 Pro's chip reportedly costs more than double iPhone 13 Pro2Google Pixel event recap - Pixel 7, Pixel Watch, Pixel Tablet and latest news3Hell Let Loose is too good for its own good4I'm an avid Google Maps guide - here's why it's my favorite place to post5High-yield savings account - what it is and how to open one