Instagram is coordinating with other social media platforms, including Twitter and TikTok, to ban users who have stolen hundreds of usernames with just one word.
These short, desirable handles, known as “OG usernames” (think of keywords like @Killer, @Sick, and @Miracle), are valuable because they are eye-catching and give status. The people who caught them first were early adopters. Cyber criminals buy and sell usernames in special forums and messaging apps.
The crackdown, which began Thursday, follows a month-long investigation by Instagram into ogusers.com, the main forum where these accounts are sold and traded. Instagram discovered that stolen account names were obtained through hacking, extortion, extortion, and harassment – and then could be sold for up to $ 40,000. Such manipulation has been largely uncontrolled for years. (Ogusers.com was also the forum that orchestrated last year’s gigantic Twitter hack that affected former President Barack Obama, Elon Musk, and many other celebrities.)
Ajay Pondicherry, 38, a Los Angeles real estate software entrepreneur, was one of the first thousand users of Instagram so he could easily claim the @Ajay handle. Over the years people had offered to buy or trade his username, but he always refused to give it up.
“It was a sign that I was one of the first to use Instagram. I’ve always been a huge fan of the product and this grip just proved I got on board early, ”he said. “I appreciated it more when people tried to hit me and bargain and buy it from me. It had a seal of approval. “
On February 21, 2019, Mr. Pondicherry was banned from his email accounts. Then his phone stopped working. When he checked his AT&T account the next day, his number was assigned to a new phone.
What Mr Pondicherry witnessed was a SIM swap where a cybercriminal exploited a person’s personal information to gain control of their phone number from a cellular operator and then used two-factor authentication to access their personal accounts to obtain. After Mr Pondicherry regained control of his AT&T account and tried to log into Instagram, he found that his handle @Ajay had been stolen by the hacker.
SIM swapping has been the preferred method for many cyber criminals to get valuable Instagram accounts and social media handles. (It was also the method that hackers used to take over Twitter boss Jack Dorsey’s Twitter account in 2019.)
Recently, cyber criminals tracking OG usernames have resorted to harassment and threats. According to Instagram, the people behind the accounts suspended Thursday – some of which had millions of followers – had exposed owners of desirable Instagram handles to threats of beatings, revenge porn and violence.
Jackson Weimer, 22, the administrator of a meme account called @ vastplateofketchup8, said he has met hundreds of people engaging in this type of behavior online.
“Their main goal is to grow their pages, and selling those OG usernames is a game for many of them,” he said. “Your goal is to do this to as many people as possible. Every meme page met one of these people. “
After highlighting these practices on his own Instagram, Mr Weimer faced a barrage of harassment. “They sent me pictures of my house on Google Maps,” he said of his molesters. “They told me they wanted to rape and kill my parents. They said that I will regret it. They have often sent me my address and created an account that ‘exposes’ me on Instagram, where they simply post and fabricate lies about me. “
According to Instagram, nine cyber criminals were behind the unauthorized seizure of hundreds of Instagram accounts. However, the platform’s ban includes not just these nine users, but also middlemen who coordinated the buying and selling of accounts on ogusers.com and Telegram, an encrypted messaging app. Many of the middlemen are young people, including teenagers, who see short handles as status symbols.
“It’s like driving a fast car when cars were important,” said Dr. Argelinda Baroni, clinical assistant professor of child and adolescent psychiatry at NYU Langone Health. “Children generally want to be validated. Children want to be cool. But children do very dangerous things to gain status. “
After seeing an alarming spike in account theft and escalation in username collection methods, Instagram took action in 2020 and began working with TikTok and Twitter to identify accounts across platforms.
“As part of our ongoing work to find and stop improper behavior, we recently reclaimed a number of TikTok usernames that were used in inappropriate crouching accounts,” a TikTok representative said in a statement. “We will continue to focus on staying one step ahead of the ever-evolving tactics of bad actors, including working with third parties and others in the industry.”
Twitter confirmed that the company had also banned users for violating the platform’s tampering and spam guidelines. “This investigation was carried out with Facebook,” said a Twitter representative.
Rachel Tobac, a hacker and executive at SocialProof Security, who runs security training and workshops, said the pandemic has pushed more young people into online communities where they can make money and find camaraderie.
“It’s basically a lack of support and an increase in economic hardship, especially under Covid-19,” she said. “I want to emphasize that this is a societal challenge where these minors get so caught up in cybercrime. We will always have criminals, but we will see people, especially minors, turn to cybercrime when there is a lack of a support system or a specific economic downturn affects them. “
Instagram said it is sending cease and desist statements to people behind the theft of high-quality handles and is working with local law enforcement agencies to hold those involved in criminal activity accountable.
Although Instagram previously banned meme accounts for violating the Terms of Service, Thursday’s crackdown is the most public and determined action Instagram has taken against people who manipulate the platform for financial gain. However, Will Dyess, the vice president of Dank Memes, an e-commerce and media company that operates multiple sites of coveted usernames, said he was skeptical that attempts to steal the account would ever completely wear off.
“Will @Stonks ever stop being a target? Probably not, especially after last week, ”he said, referring to the GameStop madness. “Certain usernames and URLs will always be in demand. Properties on the internet are limited. “
Mr Weimer said that while Instagram’s account ban was a good first step, it didn’t address the deeper problem: Young users just want to make money on the platform.
“I think the pandemic has made a lot of kids make money in every possible way, no matter how fraudulent,” he said. “They have more time on the phone, they are at home more often, and many children have lost their part-time jobs.”
“If Instagram is really going to fix this problem,” Weimer continued, “they have to go top down and start paying people who create content so people have no reason to make money any other way.”