Have you ever tried to sign up on a social media platform but couldn’t get the username you wanted? Well – there’s a huge community of online hackers that can help you out. Social media users with highly coveted usernames have become the target of cyber criminals who hope to sell usernames for a profit.
OGUsers, an online forum that possesses a huge marketplace for access to these hijacked accounts, has been identified as the main perpetrator of stolen user accounts. In 2020, OGUsers was also accused of hacking Twitter, with well known celebrities such as Elon Musk being among those affected.
As a result, social media platforms have started to crack down. Instagram has banned hundreds of accounts on its platform that have been tied to online username theft. This ban was preceded by a multi-month investigation conducted by Instagram on OGusers.
Moreover, Instagram found that nine cybercriminals were behind the seizure of countless Instagram accounts, with middlemen involved in orchestrating the buying and selling procedures. Other large social media companies such as Twitter, Facebook, and TikTok have followed Instagram’s example by closing down a myriad of stolen accounts on their own respective platforms.
Moreover, according to an interview with Facebook conducted by KrebsOnSecurity, online hackers were able to successfully steal accounts from users by using both intimidation and harassment tactics, which include coercion, hacking, and extortion. Once stolen, cyber criminals migrate to dark web forums and messaging apps in order to buy and sell these usernames.
Short usernames, in particular, are at the top of the hijacker’s priority list. These usernames are particularly valuable because they are typically used as a status symbol, with countless celebrities and influencers on social media flaunting these single-name handles.
The ban, however, is only the beginning of a long journey ahead. Despite their efforts, thousands of accounts are still being stolen daily on Instagram, Facebook, Twitter, and TikTok. At present, the identification and removal of these accounts is the only solution.