Instagram account hijacked to sell fake Oasis tickets; two people lose hundreds as owner struggles to regain access
A Hertfordshire man's Instagram was taken over by scammers who posted fake Wembley tickets, highlighting gaps in account recovery processes and the importance of two-factor authentication
A man from Hertfordshire discovered his Instagram account had been hijacked on a Saturday night after friends messaged him about posts selling fake Oasis tickets, and two people who responded to the scam transferred a total of £700 before the account was restored.
The user, identified in reporting as Jon, said he was leaving the theatre with his wife when he opened his phone to unusually many messages and then found an email informing him his Instagram password had been changed. Although he had not posted since 2021, he used the platform’s direct messages to keep in touch with friends. Scammers had taken over his profile, posting a grid entry and multiple stories that read, in one instance, "Selling 2 tickets only - Oasis Wembley London. Just a change of plans - no profit, just looking to pass them on."
The scammers also messaged the account owner’s close contacts asking them to share the posts, and some friends did so believing the messages came from him. Several recipients quickly noticed irregularities — including the use of emojis the owner does not use — but others did not. Two people who had seen the post then contacted the compromised account and transferred £400 and £300 respectively for the tickets. One of those victims said she later realised the profile had vanished and the messages had stopped after being asked to pay extra to change the name on the tickets.
Jon said he was "unbelievably stressed" and unable to access the account despite submitting Instagram’s recovery forms and completing a selfie verification process. He reported that even after flagging the hack, the scam posts remained live and the fraudsters continued to use his account. He later discovered that two-factor authentication (2FA) had been linked to the scammers’ phone numbers, a condition that was rectified only after intervention with Meta, he said.
Meta told reporters it had been in touch with the user and that account access had been restored and the scam posts removed. A Meta spokesman said the company had helped the user regain access and emphasised that "no system is perfect, particularly when it comes to identifying and removing content tied to compromised accounts." The spokesman reiterated that two-factor authentication is available to all users and "prevents unauthorised access to accounts even if hackers have your password, which we'd strongly recommend is enabled by all users."
A spokeswoman for the affected user said the account owner had not enabled two-factor authentication at the time of the hack. The user criticised the speed and complexity of the recovery process, saying the slow response left friends exposed to financial loss and generated hostile messages from contacts who felt duped.
Financial-sector data published this year has flagged trends in concert-ticket and event-related fraud. TSB data cited by media outlets shows that fans searching for Oasis tickets have been disproportionately targeted, recording 78% more scam cases than searches related to Taylor Swift and losing an average of £318 per incident. Reporting earlier in the year described similar compromises in which social media accounts were used to sell fraudulent cryptocurrency products, and victims faced comparable difficulties recovering access.
One victim in the latest case said she was hopeful of recovering some money because her bank had opened an investigation. She described feeling "silly" for falling for the scam and urged other users to be vigilant even when a profile appears to belong to a friend.
Security experts and consumer advisers have long urged social media users to enable two-factor authentication and to treat unsolicited messages requesting payment with caution. Account recovery processes on major platforms typically require identity checks such as selfie verification, but users and consumer representatives have raised concerns about the time it can take to restore control and the ability of scammers to change account security settings while a profile is compromised.
Meta acknowledged the evolving sophistication of scams and said it works to identify and remove content tied to compromised accounts, while recommending that all users enable two-factor verification. The affected account owner said he hopes the experience will prompt faster response times from platforms to reduce the risk to others.
