Our experience with the Instagram copyright infringement scam. How hackers got access to our Instagram account, how we got our account back, and how to avoid it happening to you! #freeprettyfrank

A message from our Founder/CEO Amy:

I was working in customer service over the weekend, assessing customer feedback, as I truly love helping customers and hearing from them, when I came across an email that looked official from Instagram with their logo, etc. It said that we were being contacted for a copyright violation and our account would be shut down in 24 hrs!

Look out for these emails!

Instagram phishing scam message image

I initially had a gut check regarding it, but quickly dismissed it. It was the weekend and I did not want to bug our Social Media Coordinator to ask her about this. I then recalled a customer saying something about a video we posted that at first glance looked different than what it really was. 😬 😆 I thought ‘well I don’t think it is a copyright issue necessarily, but it could be some sort of issue with that post that caused this.’

image of dinosaur running down the street to get package from mailboxuser comment on dinosaur post

I was worried I only had 24 hours to fix this issue so the account would not get shut down. This leads me to big mistake #1, listen to your gut! So, I ignored my initial gut caution and went ahead with filling out the copyright petition form. I then looked at my email, thinking I would get an email confirmation from Instagram, no confirmation came. I did get another gut check feeling but moved on quickly to try and unplug and take some time off to be with my family.

I woke up Sunday at 7 a.m to customers asking if we were selling our business and some knowing we were hacked. This was not a fun thing to wake up to! In all honesty, I started to panic and then quickly tried and communicate with followers/customers through the Facebook Business Suite to assure them we were hacked and NOT selling our account. At that point, Instagram messaging was still connected to our business suite. But then, the account name was changed and the hacker started to contact me personally through direct messages on Instagram. I was no longer able to message our concerned customers and followers.

image of Instagram profile after it was hackedinstagram post saying account is for sale for $100

Then, with the help of my Social Media Coordinator, we began the process of trying to contact Instagram. Which sad to say, is nearly impossible. They send you to resource pages that only help if you can still access your email, phone number and the account name has not been changed. Our account was hacked and completely taken over, primary email address, phone number, and even the name of the account! They changed our Instagram handle from @heyprettyfrank to @accountforsale19k. Then, two days later, the user handle was updated to @myaccountnotsale and was now based in Turkey, with again a new email and phone number we did not have access to. Making it that much harder to prove our connection to the account. My Social Media Coordinator even spent hours on chat and the phone through our Facebook Business Manager Ad Account trying to remedy the issue with no success. Another frustrating part of this process is the only way you can connect with a real person through support is if you have an ad account established with Facebook. This leads me to the big mistake #2. We did not have two-step authentication set-up.

picture of history of account name changesinstagram image showing the account being based in Turkey

After days and nights of exhausting all efforts, trying to troubleshoot, and continuing to contact Instagram, I broke down and resorted to talk with “hackers” that supposedly “fix’ the situation. After connecting with a few of them I decided to trust my gut this time as they seemed as though they, themselves, are hackers that hack the hackers. One of them told me they don’t charge for their service, I would just have to trust them and pay $200 for the software they use to take back the account. They wanted Bitcoin or a gift card as payment. I was only able to talk with them through direct messages and WhatsApp. When I tried to get them to get on a phone call they denied my request and said they could only communicate via messenger.

After a long week with no luck at regaining access, a family member contacted me to tell me someone reached out to him on WhatsApp. They were asking him if it was his Instagram account told him to pay $100 to get it back or they would delete it.

So I bet you are curious to know how this crazy story resolves! After almost a week later, with no response from Instagram, we decided to direct message the hackers. They requested $150 US in Bitcoin. Once we sent them the Bitcoin we successfully regained access, finally! I was so surprised it ended up coming to fruition. I thought for sure they would not end up giving us the login and we would have no recourse. Luckily I was wrong! The most ironic thing was reading all the DM’s this joker was having with people that were interested in buying the account. Two of the hackers were trying to cut a deal on selling and buying the Pretty Frank Instagram account after it was stolen. In that conversation, one of them says “ I’m all about good business”!? Are they really using the word good in light of what they are doing?! 🤦‍♀️

Some may be wondering why it mattered so much? Honestly, I have to say the invasion of privacy and feeling violated first and foremost. Second off, this is a business. I have worked very hard since 2012 creating this product for my daughter, starting it in my kitchen, and growing our social following. Instagram is one of the main channels that allow us to run ads for our promotions and sales, so practically speaking for our business, my family, and employees lively hood, this could have been a bigger disaster.

So now here we are! We did it! #Freeprettyfrank happened.
We have recovered our account, and I want to say thank you for being a loyal customer and follower of our page over these years and supporting our company!

What can you do? Join us and stop this from happening to others by sharing our story that could have important information on what not to do and some things you can proactively do to protect yourself! Share the hashtag #Freeprettryfrank along with this story and hopefully give other people a heads up, including some tips and ideas of how to keep their accounts safe and hopefully freed if they have fallen victim to these types of hackers as well.

Tips:

  1. Secure your account with two-step authentication now and, don’t wait on this one!
  2. Do not share your account details with anyone.
  3. Do not trust phishing emails like the one referenced above.
  4. Trust, and listen to your gut!
  5. Report these things and start to demand Instagram create better and faster solutions.
Resources: