Attackers Reportedly Deployed Simulated AI Support Chatbot to Trick Instagram Business Users into Adding Malicious 2FA Login

March 12, 2025

A reported phishing campaign has targeted Instagram Business users, allegedly through a chatbot interface that mimicked Meta support. Victims received emails concerning ad violations and were directed to a bogus site designed to resemble Meta's support. The simulated chatbot instructed users to add an attacker's Authenticator app for enhanced security, which enabled account takeover. The nature of the chatbot—AI or bot-like human operation—remains undetermined. Editor's note: such incidents underscore the importance of trustworthy AI and AI governance in maintaining safe and secure digital environments. For those interested in shaping AI incident response through Project Cerebellum, JOIN US.

This incident can be mapped to HISPI Project Cerebellum TAIM's Measure function, as it involves assessing the impact of AI-related threats and quantifying their consequences.

Alleged deployer

scammers-impersonating-meta-support, phishers, unknown-scammers

Alleged developer

unknown-generative-ai-developers

Alleged harmed parties

meta-users, instagram-users, instagram-business-users

Data source

Incident data is from the AI Incident Database (AIID).

When citing the database as a whole, please use:

McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.

Pre-print on arXiv · Database snapshots & citation guide

We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.

Attackers Reportedly Deployed Simulated AI Support Chatbot to Trick Instagram Business Users into Adding Malicious 2FA Login

Matched TAIM controls