Sorry to Hear You’re Having Trouble Logging In…

“Sorry to hear you’re having trouble logging into Instagram. We can help you get straight back into your account.”

This message is often accompanied by a helpful looking link that I could click on to get this much needed help. Sometimes it comes via text, others by email. In fact, I get this message multiple times a month, yet, you see, I have no trouble logging into Instagram.

Turns out, I have a username that a lot of people would like having as well — @nickk (yes its true, other people like to misspell their name as well). I’ve had “offers” of hundreds to thousands of dollars for me to give up my username (though I don’t suspect any of these people actually plan on paying me if I did agree). Some people take the kindness approach and politely ask for me to give it to them saying that it would mean so much to them or that it would help them launch their recording careers (maybe I don’t know what I’m doing in that it’s never leveraged my handle to become a DJ traveling Southeast Asia). And others still try any number of ways to break into my account and just straight up steal it from me. Each time, the person gets added to a list of blocked accounts that numbers in the hundreds at the writing of this.

It’s frustrating to be sure, and at times feels never-ending — every notification of a new message is unknown as to whether it’s from a legit friend or another Nick of the world. I actually debate and wonder if I would be better off letting it go and just being @NickkS76568 or some other random handle. Yet despite the annoyance the handle has been mine for over a decade, and I quite enjoy it’s part of my world.

It’s these attempts to steal my account that are the most concerning though. I often worry that when I go to delete a text or email via my touchscreen devices, that I’ll accidently click on the link and then be whisked off like a Portkey in Harry Potter to some strange and dangerous destination to be robbed. So far, so good, but I know people use these methods to steal accounts because they work. Unless you look closely and investigate the actual address of where the email came from, it’s easy to believe that it is actually Instagram sending it. Verification text messages often happen randomly for legit accounts that we have (looking at your Microsoft Office 365). We’re all inundated with notifications from every corner of our digital world, so it can be forgiven if we from time to time fall for a trap.

So how then do we protect ourselves from attempts to steal portions of our digital domain?

  1. Just don’t click the link. Don’t do it. There is really no need. Unless you are actively trying to access your account and waiting for a link to appear in your inbox, that link isn’t for you. If you need to verify that a message is from the actual service, go log into via the browser, not by any link sent to you.
  2. Have multifactor authentication on every account. Even if your username and password are compromised, attackers will still need a multifactor passcode to gain access to your account.
  3. Don’t use the same password on multiple accounts. Unique passwords mean that just because your password for one account was compromised, doesn’t mean that every account is in danger.

Even if your username isn’t something that other’s want, what is in your account is still valuable to others out there. Be vigilant, and stay safe.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store