High-profile Instagram accounts are being targeted by ransomware attacks and phishing schemes, with evidence suggesting that many account holders are paying the attackers.
According to a Motherboard report, hackers are gaining access to Instagram accounts by posing as representatives of branding giants and proposing a partnership with the victim. The scammer typically sends the account holder a link to a page that spoofs the photo-sharing platform’s login portal, and the login details entered there are promptly captured by the opportunistic attacker.
After the account compromise, the attacker blackmails the victim, telling them they have three hours to pay a bitcoin ransom or their account, along with all the data and followers associated with it, will be deleted permanently.
Panicked victims, who do not want to lose their followers because rebuilding that base would take far too long, end up paying amounts in the hundreds of dollars in bitcoin to regain access to their accounts.
“Your Instagram has been hacked,” the message sent to various high-profile Instagrammers reads. “[W]e will have to delete your account within 3 hours,” the hackers’ message adds, threatening to wipe out the account if the ransom isn’t paid.
One particular fitness-focused Instagrammer from Los Angeles, Kevin Kreider, told the publication that his account was deleted despite paying $100 in cryptocurrency. He lost over 100,000 followers and a major facet of his social media-focused business.
‘Kreider eventually got his account back—it’s not clear how though, Instagram didn’t say—but Kreider is not the only person to fall victim to these hackers this month,’ the report added.
A security expert at Avast has a simple suggestion to circumvent the phishing hack altogether.
Cybersecurity evangelist Luis Corrons said:
“These attacks can easily be avoided by enabling two-factor authentication.”
This article originally appeared on LIFARS.com.