Instagram phishing using HiddenEye
Phishing is an attempt to obtain sensitive information or credentials, such as usernames, passwords and credit card details, by disguising oneself as a trustworthy entity in an electronic communication.
In this post we will see how to phish Instagram accounts and also how to prevent this.
To perform phishing, various tools are available. Here we will use HiddenEye.
Installation
git clone https://github.com/DarkSecDevelopers/HiddenEye.git
cd HiddenEye
pip3 install -r requirements.txt
Usage
sudo python3 HiddenEye.py
Step: 1
Choose Instagram: [08]
Step: 2
Select Standard Instagram Web Page Phishing [1] from Operation mode:
Step: 3
If you do not want a Keylogger, choose N. You can also add a Keylogger by choosing Y to find the keys pressed while entering credentials. Here we choose NStep: 5
Since we don't want a Config file, choose N
Step: 7
Now's the fun part. Copy the NGROK URL and paste it on your browser or send it to your victim to get user credentials.
You can see the Instagram login page
HiddenEye can also be used to Phish various other accounts as we saw earlier.
Prevent Instagram Phishing
- Read permissions before giving authorization to any other third party apps.
- Always enable 2 factor authentication. Hackers won't be able to log in to your account even if they know the password.
- Do not authorize other apps to increase follower counts or auto liking platforms. Even if you do, change password immediately.
- And most importantly, do not open links from unknown sources.
This information is only for educational purpose and we are not responsible for any kind of illegal activity done by this tool.
Hope you have enjoyed reading this.
Leave a comment below
Leave a comment below
As someone whose Instagram account was phished ( by the person who wrote this article), I can guarantee that this works perfectly.
ReplyDeleteEnikk ninne ariyam 😂👀
Delete