Instagram Phishing Attacks Are Back: Here’s How to Protect Your Business and Staff

Phishing attacks are nothing new but cybercriminals continue to adapt their tactics, now blending social engineering with real platform features to trick even tech-savvy users.

A new phishing campaign targeting Instagram users is making the rounds in 2025, and it’s more convincing than most. While it may seem like something that only affects influencers or personal accounts, this scam has serious implications for businesses, nonprofits, and municipalities using Instagram for outreach or brand visibility.

Here’s what you need to know and how to keep your accounts and employees safe.

Instagram Phishing Scam: How to protect your business account with SofTouch Systems.

The Scam: Fake Copyright Violation Claims

Victims receive a direct message or email claiming their Instagram account has violated copyright law and will be disabled unless they respond. The message includes a legitimate-looking link to appeal the alleged violation.

But here’s the trick: the link leads to a fake login page that perfectly mimics Instagram’s interface. Once a user enters their credentials, attackers gain full access to the account, sometimes locking out the original user within minutes.

Why This Matters for Your Business or Agency

If your organization uses Instagram to:

  • Communicate with the public
  • Share updates or promotions
  • Post official alerts
  • Engage with your local community

…then you are a potential target. Social accounts are often managed by multiple team members, and one wrong click could result in:

  • Public-facing posts made by attackers
  • Loss of account access
  • Credential reuse that compromises other accounts
  • Reputational damage and public confusion

Worse, many attackers use compromised accounts to phish more victims, putting your audience at risk.

Warning Signs of This Instagram Phishing Scam

Here’s how to spot the fake messages:

  • Urgency or fear tactics (“Your account will be disabled in 24 hours”)
  • Poor grammar or off-brand formatting
  • Unusual sender address or profile name
  • Links that lead to non-Instagram domains (hover before you click)
  • Requests for passwords or 2FA codes

Instagram and Meta will never DM you about copyright violations, all official communication is through the in-app notification center or verified email addresses.

How to Protect Your Staff and Accounts

At SofTouch Systems, we recommend every organization take these basic steps:

✅ 1. Enable Two-Factor Authentication (2FA)

Add a layer of protection, even if your credentials are stolen, 2FA makes it harder to breach your account.

✅ 2. Assign Social Media Access Carefully

Use shared credential managers like Bitwarden, or assign platform-specific roles rather than sharing passwords.

✅ 3. Train Your Team

Anyone with social media access should receive brief training on how to spot phishing, especially on mobile devices.

✅ 4. Regularly Audit Who Has Access

Remove old logins, ex-employee access, or outdated integrations.

✅ 5. Use a Central Password Manager

Secure access to all your business platforms in one place with logs and alerts.

What SofTouch Systems Can Do for You

We help small businesses, nonprofits, and public sector organizations in Texas:

  • Assess social media access risks
  • Set up secure access and MFA policies
  • Provide staff phishing training
  • Manage passwords with encrypted, shared vaults
  • Monitor suspicious activity across your digital presence

If your organization relies on Instagram or Facebook to reach your audience, don’t wait for a hack to act.

Don’t Let a DM Take Down Your Brand

Phishing is getting more sophisticated, and your public-facing accounts are often the first place cybercriminals target. One employee mistake can snowball into a reputational crisis.

Stay vigilant, train your team, and secure your tools.

Need help reviewing your public accounts or access policies?
We’re here to help.

This Overlooked Windows Setting Leaves You Vulnerable: Here’s How to Fix It

For many small business owners, nonprofit managers, and city administrators, the idea of a cyberattack feels distant, until it isn’t. The reality is that most breaches don’t happen through brute force or sophisticated code. They happen because of misconfigured settings or basic security features being turned off.

One such example? Memory integrity protection, a powerful Windows security feature that’s disabled by default on many machines.

If your team relies on Windows 10 or Windows 11 devices, this guide will explain what this setting does, why it matters, and how to turn it on.

Memory Integrity Protection Disabled? Enable this vital windows security feature now!

What Is Memory Integrity Protection?

Memory integrity is part of Microsoft’s Core Isolation security system. It uses virtualization-based security to protect your computer from low-level attacks that target your system’s core processes.

Here’s what it does:

  • Prevents malicious code from injecting into high-level processes
  • Stops some forms of zero-day and kernel-level attacks
  • Adds an extra layer of protection to critical Windows functions

This feature is especially valuable for SMBs and government entities, where one infected machine can compromise shared files, connected drives, or cloud systems.

Why Is It Turned Off by Default?

The short answer: compatibility.

Memory integrity requires driver compliance, if your system has outdated, unsigned, or incompatible drivers (especially for older hardware or third-party devices), Windows turns the feature off automatically to prevent performance issues.

That means even brand-new business computers may not have this feature enabled unless someone specifically checks and resolves driver conflicts.

How to Check If It’s Enabled on Your Device

Here’s how to find out:

  1. Press Start and type Core Isolation
  2. Click on Core Isolation under Device Security
  3. Look for Memory Integrity
  4. If it says “Off”, click Turn On
  5. Reboot your system when prompted

⚠️ If you receive an error or warning about incompatible drivers, don’t ignore it, note the driver’s name and contact your IT support provider to update or replace it.

What to Do If Memory Integrity Won’t Turn On

Sometimes, enabling this setting isn’t straightforward. Here’s what you or your IT team should do:

  • Update drivers using the manufacturer’s official websites
  • Uninstall unused or legacy drivers that may be blocking the feature
  • Run Windows Update to check for system fixes
  • Consider a hardware refresh if you’re consistently running into driver issues on older machines

Why This Setting Is Especially Critical for Public Sector and Regulated Organizations

For municipalities, school districts, and nonprofits handling sensitive citizen or donor data, kernel-level attacks can:

  • Undermine compliance with data protection regulations
  • Bypass traditional antivirus systems
  • Result in complete control over your devices by attackers

Enabling memory integrity protection is one of the easiest ways to reduce risk, and most organizations don’t even know it’s turned off.

Enable this Windows security setting now! For any assistance please contact us at SofTouchSystems.com.

SofTouch Systems Can Help

At SofTouch Systems, we help organizations across Central and South Texas:

  • Perform security audits on Windows endpoints
  • Check for missing or misconfigured protections
  • Update and patch systems organization-wide
  • Develop IT security policies that include hardware and driver vetting

Whether you’re a small town with five machines or a nonprofit running remote staff, we can help you secure every layer of your infrastructure, starting with the settings most people overlook.

Don’t Wait for a Breach to Flip the Switch

Cybersecurity isn’t always about expensive software. Sometimes, it’s as simple as enabling the settings Microsoft gave you and making sure they work properly across your entire network.

Check your device today. Then make a plan to check every device in your office or agency. And if you’re not sure where to start, you don’t have to do it alone.

Running Out of Gmail Space? Here’s How to Beat the 15GB Limit Without Losing Critical Emails

For many small businesses, nonprofits, and municipal teams, Google Workspace (formerly G Suite) is the backbone of daily communication. But over time, the 15GB of free storage across Gmail, Google Drive, and Google Photos can fill up, fast.

Once your inbox hits capacity, new messages bounce, attachments go missing, and workflows grind to a halt.

The good news? You don’t have to delete important emails or start paying for more space immediately. With the right cleanup strategy and tools, you can reclaim gigabytes of space and keep your digital operations running smoothly.

Here’s how to manage Gmail storage effectively, keep essential messages, and avoid disruptions, especially if your business or department isn’t ready to upgrade to a paid tier just yet.

your Gmail Storage. 1. Check what is hogging the space. 2. Delete by age or file size. 3. Get rid of junk emails.

Why Gmail’s 15GB Limit Is a Hidden Bottleneck for Business Users

While 15GB may sound generous, that space is shared across:

  • Gmail inbox (and sent mail)
  • Google Drive files (including large PDFs, video, ZIPs)
  • Google Photos (if syncing is enabled)

For small organizations with a single account managing multiple roles (e.g., HR, operations, finance), this shared cap becomes a liability.

Signs you’re approaching or exceeding Gmail’s limit:

  • You receive alerts like “You’re running out of space”
  • Clients say they get bounce-backs when emailing you
  • Google services become sluggish or stop syncing
  • Drive won’t allow uploads of new files

Rather than delete your archive or shell out for extra storage, try this first:

Step 1: Identify What’s Hogging Space

Visit GOOGLE to see a breakdown of how your space is being used across Gmail, Drive, and Photos.

Often, Gmail is the primary culprit, especially if your inbox holds years of attachments, newsletters, or junk mail you’ve forgotten about.

Step 2: Bulk-Delete Large Emails by Age

Use Gmail search filters to locate emails with large attachments:

has:attachment larger:10M older_than:1y

This command finds all emails older than a year with attachments over 10MB. Review and delete anything non-critical (e.g., outdated reports, past contracts, media files).

You can also search by file type:

filename:pdf larger:5M

Once deleted, don’t forget to empty your Trash folder to free the space.

Step 3: Tame the Promotions and Social Tabs

Marketing emails and social updates often clog up inboxes. You can search and mass delete them like this:

category:promotions older_than:6m  
category:social older_than:6m

Pro tip: Use Gmail’s “Select All Conversations” option to clear thousands of messages in seconds.

Step 4: Use Google’s Storage Management Tools

Google’s Storage Manager Tool highlights emails with large attachments, Drive clutter, and spam with one-click deletion options. It’s fast, easy, and surprisingly effective.

Step 5: Offload and Archive Critical Data Securely

If your inbox stores important records you can’t delete, consider exporting them using Google Takeout, or better yet — partner with a trusted IT provider like SofTouch Systems.

We help small businesses and public agencies:

  • Archive historical emails safely
  • Back up Gmail and Drive to external or cloud environments
  • Move to custom email hosting with higher limits and better control
  • Implement automated inbox hygiene policies for staff accounts

Why SofTouch Systems Recommends Proactive Email Storage Management

Hitting your storage limit isn’t just a nuisance — it can cost you:

  • Missed client emails
  • Lost opportunities
  • Breakdowns in internal communication
  • Compliance issues for organizations subject to data retention policies

If you’re already running low, it’s time to take action before business continuity is impacted.

Free Up Space Without Losing What Matters

Email is mission-critical. Don’t wait until your inbox grinds to a halt. With the right filters, tools, and storage strategies, you can extend the life of your Gmail account without deleting essential communications or upgrading prematurely.

Need help managing your inbox, migrating to a custom domain, or backing up years of valuable messages? SofTouch Systems has you covered.