Your profile photo vanishes. Your email is changed. A password reset you never requested lands in someone else's inbox. You're locked out of your own Instagram account, and you didn't click a single suspicious link.
In early 2026, attackers manipulated Meta's AI support chatbot to approve password resets on roughly 20,225 Instagram accounts over seven weeks. This episode breaks down how social engineering evolved from targeting human support reps to exploiting AI-powered customer service systems. We cover identity verification failures, how chatbots became part of the security boundary, the policy response led by California Attorney General Rob Bonta and 40 state attorneys general, and the difference between traditional phishing and trust-layer manipulation. You'll hear why separating chat from authority matters, what phishing-resistant multi-factor authentication means, and how to apply throttling, anomaly detection, and tabletop exercises for bot abuse.
This is for anyone managing Instagram accounts, security teams integrating AI support tools, and developers building customer service automation who need to understand where convenience meets risk.
YouTube more your speed? → https://links.sith2.com/YouTube Apple Podcasts your usual stop? → https://links.sith2.com/Apple Neither of those? Spotify’s over here → https://links.sith2.com/Spotify Prefer reading quietly at your own pace? → https://links.sith2.com/Blog Join us in The Cyber Sanctuary (no robes required) → https://links.sith2.com/Discord Follow the human behind the microphone → https://links.sith2.com/linkedin Need another way to reach me? That’s here → https://linktr.ee/rich.greene
Podden och tillhörande omslagsbild på den här sidan tillhör
Rich Greene. Innehållet i podden är skapat av Rich Greene och inte av,
eller tillsammans med, Poddtoppen.