Hacked Friend Impersonation Scams on Instagram
Attackers who take over Instagram accounts DM every follower with requests for money, gift cards, or account verification codes while impersonating the legitimate owner.
Last reviewed: 1 June 2026
Instagram account takeover allows fraudsters to exploit the social proof of an established profile — the follower count, post history, and mutual connections all lend credibility to messages sent from the hijacked account. Recipients who trust the apparent sender are more likely to comply with urgent requests before checking with the real person.
The intimate, conversational nature of Instagram DMs makes the impersonation feel more personal than mass email fraud, increasing the success rate for attackers who target the account holder's friends and followers.
How this scam works on Instagram
With a compromised Instagram account, the attacker browses the DM history to identify close contacts and craft personalised messages that draw on real shared experiences or inside references found in previous conversations. These tailored messages are harder for the recipient to dismiss as fraud.
The attacker then sends a request framed as urgent: a gift card code, a peer-to-peer payment, or a verification code that the recipient receives by SMS and is asked to forward. Responses that express scepticism are met with further fabricated context to overcome hesitation.
Some operations scale by sending generic emergency messages to the full follower list rather than personalising each approach, relying on volume to generate enough responses to be profitable.
Common red flags
- DM from an Instagram friend making an unusual financial request or asking for a verification code
- Message that references a fabricated emergency and discourages you from calling to verify
- Request for gift card codes with instructions to photograph and send the codes via DM
- Writing style that differs noticeably from the account's normal tone in public posts
- Account whose bio, profile photo, or linked URL has changed since you last visited the profile
- Message sent at an unusual hour for the supposed sender's time zone
How to protect yourself
- Contact the apparent sender through a different communication method before responding to any financial request
- Enable two-factor authentication on your Instagram account to protect it from takeover
- Treat any Instagram DM requesting money, gift cards, or forwarded codes as suspicious regardless of the sender
- Review your own account's third-party app permissions regularly and revoke any you do not recognise
- Report the hijacked account to Instagram so the platform can trigger a recovery process for the real owner
- Warn mutual followers via comments or your own story if you confirm a friend's account has been taken over
How to report it
- Report the compromised account to Instagram using 'Report account > It's posting content that shouldn't be on Instagram > Spam'
- Alert the genuine account owner through an alternative contact channel so they can begin account recovery
- Report to your national fraud authority if you transferred money or gift cards in response to the fake request
Frequently asked questions
Should I report the account or just block it?
Report it first, then block it. Reporting alerts Instagram's safety team, who can freeze the account and initiate recovery for the legitimate owner. Blocking alone removes your exposure but leaves the attacker free to continue messaging your mutual connections.