Hacker holds Kendall personal trainer’s Instagram account for ransom

(WSVN) - We’ve seen hackers demand ransom money from governments and businesses. Now, they are targeting individuals like you and me after seizing our social media accounts. The Nightteam’s Kevin Ozebek with tonight’s 7 Investigates.

For Seana Mendez, the gym is her office.

Seana Mendez: “I loved working out with my dad and developed a passion for it.”

As a personal trainer at Paradise Gym in Kendall, she has two main marketing tools: her beach body and her Instagram account.

Seana Mendez: “I need to maintain myself and promote myself to hopefully gain clients who want to train with me.”

By posting a combination of pics highlighting her physique and the extremely difficult exercises she does to maintain her fitness, Seana has built up a base of nearly 28,000 followers.

Seana Mendez: “It’s a really big thing for my business.”

So, you can only imagine her shock when earlier this month, she suddenly lost access to her account.

Seana Mendez: “I go into my Instagram and it says password is wrong.”

Seana then saw this message in her inbox saying, “The email on your Instagram account was changed.”

Seana Mendez: “I was just logged out completely.”

Soon after she got these messages on WhatsApp: “Hi seana” and “I am the hacker.”

Seana Mendez: “I felt like it was a movie. It said, ‘Hi Seana, I’m the hacker’ just like that.”

The hacker identified himself as “ArgeX” and texted Seana her Instagram password.

Kevin Ozebek: “Did your heart sink seeing that?”

Seana Mendez: “Yeah, because I know I have that for a lot of other accounts. He even said, ‘If I were you, I would change it because I can get into a lot while you’re sleeping.'”

The hacker demanded “$350 in Bitcoin.” He told Seana if she doesn’t pay up, “The account and all data will be deleted permanently.”

Kevin Ozebek: “Where you ever afraid for your personal safety?”

Seana Mendez: “A little bit. I do post where I work. Clearly, he’s a hacker and can probably figure out where I live easily.”

Leeor Geva: “This is very common. Very, very common.”

Tech expert Leeor Geva says individual social media accounts are held for ransom more often than you’d think. Hackers can find username and password information on the deep dark web.

Leeor Geva: “It’s more and more common because people use the same password everywhere, and then, criminals, hackers try that password on different services. Once you are hacked, you’re dealing with a headache.”

But, there is a solution. You can download what’s called a “two-party authentication” app. I now have one on my phone.

Every 30 seconds, it will generate a new code that’s needed in addition to a password to log-in to my apps like Facebook and Instagram.

Leeor Geva: “It’s a pain in the butt, but you can reduce your hack-ability to ZERO.”

As for Seana, she endured five days of texts from the hacker but refused to pay him.

Seana Mendez: “I contemplated it, but I didn’t want to let this guy win.”

Luckily for her, she learned a friend of a friend works at Facebook. Since Facebook owns Instagram, that contact was able to get her account back in her hands.

Seana has already downloaded a two-factor authentication app. She’s advocating for everyone she knows to do the same.

Seana Mendez: “I think if I would have had that on, this would have been prevented.”

Now, Seana is back to pushing herself at the gym and posting it for her thousands of followers to see.

In your phone’s app store, you can find a number of free two-factor authentication apps. This includes ones made from both Google and Microsoft.


Copyright 2021 Sunbeam Television Corp. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.