Telegram is at the epicenter of a new wave of fraud.
Recently, cases of fraudulent attacks on users of the popular Telegram messenger have become more frequent. Attackers use a sophisticated phishing scheme to gain unauthorized access to victims ' personal accounts.
According to the F. A. C. C. T. company, criminals send messages on behalf of the fake Telegram support service with a false warning that a request to delete the recipient's account has allegedly been made. To prevent unwanted deletion, attackers convince the victim to click on a malicious link to cancel this procedure.
The link leads to a site carefully disguised as the official Telegram interface. Here, the user is prompted to enter their phone number linked to the account, as well as a one-time security code sent from Telegram.
After receiving the phone number and code linked to the account, attackers intercept control of the Telegram account, gain access to archives, correspondence, and channel management, if the victim was an administrator or owner of one of them. It is noteworthy that the phishing resource immediately returns an error when entering incorrect credentials, simulating legitimate behavior.
Malicious links are distributed via private messages in Telegram, so scammers do not need to create many phishing clones - just one active resource and a backup domain in case the previous one is blocked.
It should be noted that third parties cannot request the deletion of an account in Telegram: only the account owner can do this in the messenger settings. You can delete your own account immediately or activate it automatically after a specified period of inactivity.
F. A. C. C. T. experts strongly recommend that Telegram users take all possible security measures: set a cloud password, do not transfer one-time codes to anyone, especially to dubious "support services", and carefully check the legitimacy of any sites that are offered to go to under dubious circumstances. This can be done, for example, by name and using whois services that will help you determine how long ago the site was created and other information.
Earlier, analysts of the Solar group of companies told how cybercriminals hack Telegram accounts using thematic sites with images.
Recently, cases of fraudulent attacks on users of the popular Telegram messenger have become more frequent. Attackers use a sophisticated phishing scheme to gain unauthorized access to victims ' personal accounts.
According to the F. A. C. C. T. company, criminals send messages on behalf of the fake Telegram support service with a false warning that a request to delete the recipient's account has allegedly been made. To prevent unwanted deletion, attackers convince the victim to click on a malicious link to cancel this procedure.
The link leads to a site carefully disguised as the official Telegram interface. Here, the user is prompted to enter their phone number linked to the account, as well as a one-time security code sent from Telegram.
After receiving the phone number and code linked to the account, attackers intercept control of the Telegram account, gain access to archives, correspondence, and channel management, if the victim was an administrator or owner of one of them. It is noteworthy that the phishing resource immediately returns an error when entering incorrect credentials, simulating legitimate behavior.
Malicious links are distributed via private messages in Telegram, so scammers do not need to create many phishing clones - just one active resource and a backup domain in case the previous one is blocked.
It should be noted that third parties cannot request the deletion of an account in Telegram: only the account owner can do this in the messenger settings. You can delete your own account immediately or activate it automatically after a specified period of inactivity.
F. A. C. C. T. experts strongly recommend that Telegram users take all possible security measures: set a cloud password, do not transfer one-time codes to anyone, especially to dubious "support services", and carefully check the legitimacy of any sites that are offered to go to under dubious circumstances. This can be done, for example, by name and using whois services that will help you determine how long ago the site was created and other information.
Earlier, analysts of the Solar group of companies told how cybercriminals hack Telegram accounts using thematic sites with images.
