I believe my friend's Instagram account got hijacked. When I clicked on the provoking message - I get a prompt asking for my password. Has anyone seen this bullshit before?

Probably trying to passthrough to another site. I'd call your friend and ask, definitely don't enter your password.

Seems like some shit that happened to my Facebook account like 5 or 6 years ago.

"Holy crap I can't be believe it's you in this video" *some clickbait bullshit link*

I'm debating making blank accounts for stuff just to use with these lmao

imagine getting a password from someone and being like "lmao dumb fuck" and it's a blank account with the only info being a bio stating "if you're reading this i'd appreciate it if you'd fucking perish, \"\"\"\"\"hacker\"\"\"\"\" fucker"

@Jilano wouldn't be surprised

@SortOfTested I did, and his response was “got damnit!!” he probably fell for it and entered his password, thinking it was legitimate lol

I can't tell if its a Turing-complete bot or a human with the response to my last message. 🤔

@Jilano .....no comment....

Well, it's VERY common even in some chat apps in China like QQ...

It's a cheating msg sent by robots mostly.

In my case, many people using QQ would get the message from their friends, said something about them (photos, or the original sentence "这是你？") and gave them a link(shorted link) or even a QR code directed to a Qzone login page. And if they enter this and even try to login in that, they will lose their account.(stolen).

Simply. It's a FAKE Login prompt, similar to official's interface but not the same.

To verify that it's official (although 'official' is next to impossible), check the link.

Using QR code is an advanced way to stole other's accounts.
It's lucky that this method haven't been used in inst...

And if you don't login, just click this link, you may also be in trouble.

Still in my case, QQ & Qzone are both dev.ed by Tencent so mostly they have the same encryption for login./1

After login, the token key(one of the most 'safe' way to check if it's the owner nowadays) will be saved into cookies, and one bug of Fast Login in QQ was that other website was able to get the token and other necessary codes for login with just a GET request to official API.

Here's the hacking process (of course in Chinese)
blog.csdn.net/qq_38837337/article/details/80673809

So if you see something like this, DO NOT easily enter or even believe it..

Always take care of yourself, and your accounts./2