Users of the Telegram instant messaging application are having their accounts hijacked. It all starts with a message from a known contact that includes a link to a web page where you can win a prize or enter a contest.
Telegram is considered one of the most secure instant messaging systems. However, cybercriminals have targeted this application to steal its users’ accounts. The victim receives a message requesting a gift, entering a contest, or enjoying Telegram Premium, just a few examples. According to alerts from Kaspersky, the message is accompanied by a link that will take the victim to a fraudulent site.
Once the user has fallen for the trap and clicked on the link, they are informed that to receive the prize; they must authenticate through Telegram by entering their phone number and a verification code or scanning a QR code.
There are no giveaways or contests. The message, in reality, has not been written by one of the contacts but by a cybercriminal who previously hijacked that other person’s account and indeed did it in the same way.
The links are created with URL shorteners, a method commonly used by attackers to avoid discovering the actual address of a site. In addition, they are more difficult to detect by antiphishing systems.
Most of the time, the websites the victim is redirected to are fundamental. The first page shows a message that may be ‘Free access to the trial version of Telegram Premium.’ The login is then displayed.
At this point, there are two possibilities: if the web has been opened from a computer, the login will be requested through a QR code, while if it has been done from the mobile, the country of origin and the number of the phone.
If the phone number is provided, cybercriminals will use it to log in from another device. The application’s security system requires user confirmation through a verification code sent to the mobile or computer where Telegram is authorized.
With two-factor authentication turned off, the code and phone number are all attackers need to log into the account. If the key is entered on the fraudulent website, they will control it and may even link it to other devices.
Everything will be even easier if the chosen method is the QR code. A verification code will not even be required. The particularity is that it is not a QR code to log in from the victim’s phone but a code to connect an additional device or open a web session with the account. By scanning that code, cyber attackers will automatically log in and take control of the account.
To protect yourself from these types of scams, experts recommend the following:
If you’ve already become a scam victim by entering a code on a fake site, act fast to regain control of your account. Head to Settings → Devices and tap on Sign out all other sessions.
Benefits of Using a Zero Brokerage App in India Investing has become increasingly popular, with… Read More
You have a complete profile and hundreds of contacts, and you have been posting regularly… Read More
The importance of folic acid is mentioned mainly in connection with pregnancy. During pregnancy, its… Read More
Before discussing chrome.//net-internals/dns, you should know about the DNS server, what DNS is, and its… Read More
Digital Marketing is the set of strategies focused on promoting a company or brand on… Read More
Do you want to get rid of skin fatigue? Vitamin C Serum is the answer.… Read More