--- title: "Instagram More Popular Than Facebook: Guess Where the Hackers are? | Phish Protection" description: "Willie Sutton had a famous response when asked why he robbed banks: "Because that" image: "https://phishprotection.com/og/blog/instagram-popular-facebook-guess-hackers-are.png" canonical: "https://phishprotection.com/blog/instagram-popular-facebook-guess-hackers-are/" --- Quick Answer Willie Sutton had a famous response when asked why he robbed banks: "Because that's where the money is." Hackers seem to be following Willie's advice. When it comes to phishing attacks, hackers go where the people are. And as Instagram catches up in popularity to Facebook, it's become the go-to destination for hackers looking to exploit victims via phishing attacks. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Finstagram-popular-facebook-guess-hackers-are%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Instagram%20More%20Popular%20Than%20Facebook%3A%20Guess%20Where%20the%20Hackers%20are%3F&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Finstagram-popular-facebook-guess-hackers-are%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Finstagram-popular-facebook-guess-hackers-are%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Finstagram-popular-facebook-guess-hackers-are%2F&title=Instagram%20More%20Popular%20Than%20Facebook%3A%20Guess%20Where%20the%20Hackers%20are%3F "Share on Reddit") [ ](mailto:?subject=Instagram%20More%20Popular%20Than%20Facebook%3A%20Guess%20Where%20the%20Hackers%20are%3F&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Finstagram-popular-facebook-guess-hackers-are%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2019/04/phishing-protection-software-9912.jpg) Willie Sutton had a famous response when asked why he robbed banks: “Because that’s where the money is.” Hackers seem to be following Willie’s advice. When it comes to phishing attacks, hackers go where the people are. And as Instagram catches up in popularity to Facebook, it’s become the go-to destination for hackers looking to exploit victims via phishing attacks. According to an article on[ Bleeping Computer](https://www.bleepingcomputer.com/news/security/the-hotlist-is-the-latest-instagram-phishing-scam-attack/), “A phishing scam called _The HotList_ is the latest scam currently making its way through Instagram. This scam pretends to be a list of pictures ranked on how ‘Hot’ they are, but just leads to a fake Instagram login page that is used to steal account logins and passwords.” The article goes on to say that, “_If you do fall victim to the HotList scam, the phishers will log into your account and use it to send further phishing messages to other Instagram users_.” So, if you think you’re hot, it could get you phished on Instagram. So too could thinking that you’re nasty. In other words, there’s more than one way to phish an Instagram user. According to an[ article on Komando.com](https://www.komando.com/happening-now/562330/dont-fall-for-this-nasty-instagram-phishing-attack), “A new **phishing attack** is growing on Instagram that targets users with bogus messages. Victims get a message from a follower, potentially even someone they trust, saying they’ve been added to a nasty ‘list’ on another website. The only way you can see the list, though, is to log in with your Instagram username and password.” > If you do get phished in this attack, according to the article the “process turns your account into a kind of zombie profile, which the hackers use to spread the message to other people you follow.” ![Phishing protection software](https://media.mailhop.org/phishprotection/images/2019/04/phishing-protection-software-9912.jpg) This is why Instagram attacks are so viral: every victim leads to hundreds of more emails, all of which are from trusted relationships. That’s the key to effective phishing attacks: sending what appears to be trusted emails. There are really only two ways to defend yourself against phishing attacks that appear to come from people you know and trust. First, you can trust nothing. Assume every email is bogus and act accordingly. Of course, this defeats the purpose of online social interaction and makes it a pain to do anything. The other way to defend yourself from these phishing attacks is to take yourself out of the equation and let technology protect you. After all, technology doesn’t fall for any of these phishing techniques because it doesn’t look at what you look at. ![Phishing protection software](https://media.mailhop.org/phishprotection/images/2019/04/phishing-protection-software-9913.jpg) When you get an email, you look at the images and read the words. **[Anti-phishing](/) technology** doesn’t look at that. It looks at the underlying HTML code, but more importantly, it tests the underlying code to make sure it’s safe for you to interact with. If you get to the point where you’re tired of having to mistrust every email and you just want to go about having fun online, check out quick and inexpensive [phish protection technology](/). Then you can go back to being hot and nasty. ## Topics [ Phishing Awareness ](/tags/phishing-awareness/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Foundational 5m 0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[ Foundational 14m 12 Real-World Spear Phishing Examples And The Red Flags You Missed Feb 4, 2026 ](/blog/12-real-world-spear-phishing-examples-and-the-red-flags-you-missed/)[ Foundational 2m 8 million Android users fell prey to SpyLoan malware on Google Play Store Dec 5, 2024 ](/blog/8-million-android-users-fell-prey-to-spyloan-malware-on-google-play-store/)[ Foundational 1m A Big Part of the Phishing Problem is You Sep 17, 2019 ](/blog/a-big-part-of-the-phishing-problem-is-you/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Instagram More Popular Than Facebook: Guess Where the Hackers are?","description":"Willie Sutton had a famous response when asked why he robbed banks: \"Because that's where the money is.\" Hackers seem to be following Willie's advice.","url":"https://phishprotection.com/blog/instagram-popular-facebook-guess-hackers-are/","datePublished":"2019-04-22T08:10:22.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2019-04-22T08:10:22.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/instagram-popular-facebook-guess-hackers-are/"},"articleSection":"foundational","keywords":"Phishing Awareness","wordCount":515,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2019/04/phishing-protection-software-9912.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"Instagram More Popular Than Facebook: Guess Where the Hackers are?","item":"https://phishprotection.com/blog/instagram-popular-facebook-guess-hackers-are/"}]} ```