[kube-system]

This particular scheme has been a ridiculous plague among my circle of friends on instagram recently. People create accounts mimicking an existing user, add an underscore at the end of the username, and then spam follow requests to all of their connections. Most people get a notification from someone they know, and they accept it without even thinking about. It is insanely effective.

Reporting the accounts for impersonation seem to do nothing, instagram's responses to the support requests even say they don't have enough people to look at all of them, and so they didn't.

[openknot]

Yeah, unfortunately multiple reports of the impersonator's account doesn't work in practice, even though it really should. Another source confirming this is from the Bleeping Computer article (source: https://www.bleepingcomputer.com/news/security/instagrams-da...).

I read that the fastest way to take down the account is for the person getting impersonated to fill out a form (via Instagram's help page at https://help.instagram.com/370054663112398), which unfortunately requires a picture of the person's driver's license/government-issued ID.

[Beldin]

> which unfortunately requires a picture of the person's driver's license/government-issued ID.

They should move to something like IRMA (1). This would ensure they don't get data except for the government's certification that you're really who you claim to be.

(1) https://privacybydesign.foundation/irma-en/

[kube-system]

Works great for any government as long as your government is the Netherlands.

[ChrisMarshallNY]

> requires a picture of the person's driver's license/government-issued ID.

I have no idea whether or not it is illegal to ask for this, but it is generally considered dangerous to send photos of your state ID.

[ghaff]

Not quite the same thing but it's quite common for hotels (in Europe in particular) to make a copy of your passport, for auto dealerships (at least in the US) to make a copy of your driver's license for a test drive, and many many other situations. I'm sure I'm forgetting lots of other cases. (And Twitter requires for verified accounts.)

[marcosdumay]

Is this a US thing related to identity theft, or is there a deeper reason?

[bombcar]

It's usually an identify theft thing, because if I have all the information on your state ID I can make a copy that would be good enough for ... getting access to your instagram account I guess.

It's pretty hard to fake an ID in physical form, but one good enough for a webcam photo shouldn't be too hard.

[ChrisMarshallNY]

I just got my passport renewed.

The new US passport is pretty crazy. The photo page appears to be one giant NFC chip. The picture is barely visible. I suspect that it is meant to be inserted into some kind of reader machine, that will display a high-resolution version to the Customs agent.

[kube-system]

The new ones in 2021 added more features (the photo page is polycarbonate instead of paper), but they've had RFID embedded in the cover since 2006

https://en.wikipedia.org/wiki/United_States_passport#Biometr...

[bombcar]

This is exactly what happens, you lay your passport on a scanner thing machine, and the guard never looks at the title page, just stamps the visa, etc.

Or if you have an older passport, you lay it on the scanner machine five or six times, then an assistant comes and tries it on four or five of the machines, then gives up and hands you and the passport to the guard.