Content creators and Instagram influencers in Qatar are falling victim to a repetitive suspension scam– threatening their livelihood in the split of a second. 

After four years of relentless nights of editing, brainstorming, and hopping on every trend to ensure her success in a market that is known to be extremely competitive, Vallery, a social media influencer, was finally about to hit 70K followers on Instagram. 

This was a big moment for her— and what some would consider a ‘big promotion’. For a content creator, more followers typically means more collaborations with brands, more exposure, and essentially – more money to make a good living from social media alone. 

Just as the last follower hit her account, Vallery posted a celebratory post thanking everyone who was part of her journey and trusted her enough to interact with her content. 

Within moments, however, after the first few of likes on her the post, the 27-year-old Qatar-based resident received a message that put her livelihood on the line: “your account has been disabled for violating our terms.”

“It was a moment of shock to me. This was my whole life, my whole career. It might seem normal to others, but my account is my job. For it to be suddenly suspended, not even deactivated, meant that I was out of a job I had worked [for] years to sustain,” the social media influencer told Doha News.

Confused and alarmed, she rushed to check the terms she allegedly violated, but it did not make sense. According to Instagram, she had ‘impersonated someone else,’ a false pretext that did not ring true for any of her content at the time.

After scouting around and asking for help, Vallery realised that she was not the only one in such a situation, but was a victim of a  phishing scam that has been targeting influencers in Qatar for months.

Influencers in a hurdle of online-threat

Tens of professional content creators on Instagram– widely known as social media influencers– have found themselves in a loop trying to regain access to their accounts after receiving sudden and vague messages from the application informing them that their accounts have been suspended. 

The reasoning behind the suspension differs and depends on how ‘easily’ accessible the users’ Instagram account is. 

But one thing all the suspensions have in common – is that they are not posting anything in violation of the platform’s rules, rather that they are victims of a hacking scam, one that has been spreading recently in Qatar. 

Anas Abouqamer, a Qatar-based influencer with a significant Instagram following, had his account suspended at least six times. The first time, he remembers, was after he covered an important and exclusive event for Al Shaqab – which not many influencers had been invited to.

After he began posting the content and getting views, his account was immediately suspended. 

“What happens is that you receive a message on your phone saying we need to verify that it is you, so they ask you for your phone number. Sometimes programmes can replicate how Instagram or Facebook or WhatsApp look to get you to enter your credentials and then hack you. But this is different. This was Instagram itself,” he said.

“You put your phone number and you get an OTP. You put that OTP and then there’s a message that comes up that says thank you for verification, we’ll get back to you within 24 hours.”

After the user receives the message, they cannot access their account for at least 24 hours, Anas explained. “It’s a huge disruption, especially if you’re in an event and need to cover it.”

Around a day later, the user receives an email from Instagram either giving them access or suspending their account. 

“Most of the time, the account gets suspended. They add that you can appeal if you think there’s a mistake, but it’s a hectic process and can take weeks to resolve.”

The user is then asked to take a picture with a code specifically sent to them by Instagram, and later the application’s team look through it. After a while and a rigorous back and fourth with Instagram, they get access to their account back. 

Whilst this process may not appear to be a big deal, for content creators who rely on their social media for revenue, it can be threatening to their careers. 

“You can’t post anything, have to put all the content you planned on hold. You don’t even know whether you will get your account back for sure or you’ve lost it forever. It’s scary,” Vallery said.

“Some brands will even think twice before hiring you because you become unreliable. What if your account gets suspended and you can’t post their content on time? It’s horrible.”

Several influencers in Qatar have found themselves dealing with the same process in the past months. Anas told Doha News that it started happening so often that he decided to create a WhatsApp group for those who got suspended to guide them through the process.

“I’ve started a WhatsApp group called disabled content creators because it was something new. Nobody knew what was happening, so I was guiding them through what to do. Right now, the group has eight people, all who went through the same thing,” he said.

A look behind the scenes: profiting off weak cyber-security 

The latest string of attacks is much more than a simple personal vendetta against the users, but rather a growing business for a number of hackers who are no more than 16 years old. 

Anas, who is in contact with one of the hackers, explains what happens behind the scenes. 

“Hackers have a WhatsApp group that they bid on. Somebody sends their account [the person they want to be banned] or they send their information to that group. They then say the person that’s hiring this job is willing to pay $60. Is anyone willing to take the job? They bid, and then it gets done,” he explains. 

There are two ways the hacker can suspend a user, Anas claims. One is by paying a verified account to change their bio and picture to the user targeted, then file a report to Instagram claiming that this person is impersonating them.

Since the person is verified, Instagram automatically suspends the account for review.

The other way is through a ‘spam attack.’

“They send thousands, or I’m not sure of a number, but a wave of spam reports against your account. They’ll report you for nudity, self-harm, or music copyright. They will report all your account and all your posts for all these until it finds one match, you know, or it suspects a match, then the ban happens.”

But the business does not stop there. After the account gets banned, the hacker, or anyone from the same group, contacts the user and offers to unban their account for a fee. This way, the fraudster benefits twice. And by making the payment method Crypto, the transaction is undetectable.

 And thus, the business grows. 

“They can ask up to $600 to get your account back, and you get desperate, so you pay it,” Anas said. “They’re just looking for ways to profit. They’re kids, 13-16-year-olds,” he added.

From the eyes of experts

As hundreds of Instagram accounts continue to fall victim to phishing scams across the globe, a cyber security expert explains to Doha News why the application can’t tackle such attacks. 

According to the expert, attacking an Instagram user is extremely easy due to the ever-evolving nature of the web. Nowadays, no malware is even needed for hacking, making it impossible to track data whenever Instagram opens an investigation. 

“It is very difficult to track hackers down anyone on the internet when they have the capabilities to mask and obfuscate their identity. The internet is designed to be privacy-preserving, and utilising privacy-preserving technologies is very easy,” he added.

“VPNs, proxies, TOR networks, unidentifiable email addresses, private domain purchasing are some of the ways that are used by attackers that are near enough impossible to track. There have been attempts by governments and agencies to track down organised cybercrime units, with some success but this only scratches the surface.”

With that being said, the growth of the cyber landscape and the high rewards for compromising high-profile individuals plays a huge factor in continuously allowing malicious attackers to pursue such scams.

“Ever since the transition to WFH (caused primarily by Covid), the attack surface for hackers has increased dramatically. WFH means users are sometimes using their own devices (unsecure, unamanaged and unpatched) and connecting to their own network (low security, unmonitored etc) and are in a relaxed environment that does not promote security,” the expert told Doha News.

How do you stay safe?

Social media firms must walk a tight line between security and privacy, the expert explains. 

Some people find it intrusive to be asked for their passport or a scan of their ID, and so due to the privacy aspect of it, companies don’t. Doing so, however, could help prevent phishing accounts and fraudulent imposter accounts.

“At this moment in time, social media companies are at the maximum they can do and any more would cause a backlash and scepticism from users,” the expert said.

“Users utilising all the security mechanisms that social media services have to offer are extremely less likely to be attacked such as multi-factor authentication, not reusing passwords, not publicising the accounts email address, not clicking email links to reset passwords when you haven’t requested it and not downloading files from DMs.”

Another way of ensuring you’re safe, according to Anas, is to have a profile picture that cannot be claimed to be someone else. This way, you eliminate one way of suspending your account.

“I have a cartoon animation as my profile picture, for example, so it makes my account safer because you cannot claim that an animation is yours,” the influencer explained. 

As far as it is known, this is the most a user can do to outsmart hackers.