Select Page

The soft spot of messengers: automated phishing, highly customized scams, and data for sale

Posted by | Apr 11, 2023 |

The soft spot of messengers: automated phishing, highly customized scams, and data for sale

The activity of online scammers in Telegram has significantly increased, as they take advantage of the convenient functionalities of the messenger, according to Kaspersky experts. Phishers are skillfully utilizing the messenger’s capabilities to provide various services from mass-scale automated phishing creation to selling data stolen during a phishing attack. Kaspersky’s new researchprovides a wide overview of phishing market in Telegram.

Phishing bots. Automated, quick and easy.

One of the most significant aspects of this trend is the use of Telegram bots to automate illegal activities, such as creating phishing pages and collecting user data. While bots in Telegram help users and businesses automate many routine processes, attackers have found ways to use these bots to automate their malicious activities.

Creating fake websites in a Telegram bot is a free and easy process that usually consists of several steps. A beginner scammer subscribes to the bot creator’s channel, selects the desired language, creates their bot, and sends the token to the main bot. The new bot is then created to receive data from users who followed phishing links and tried to log in to a fake site. Attackers can use this method to collect a wide range of data, including email addresses, phone numbers, account passwords, IP addresses, and the victim’s country. These bots provide a variety of targeted platforms, including messengers, social media, and popular brand websites, to be abused in a future phishing page.

Platforms that are available for creating phishing pages_ssict_430_694

Platforms that are available for creating phishing pages




Phishing-as-a-service. Exclusive, more targeted, more expensive.

In addition to free phishing kits and automated creation of phishing via Telegram bots, scammers offer paid goods and services under the phishing-as-a-service model. Attackers sell scam and phishing “VIP Pages” – websites created from scratch with a wider range of features or tools for generating such pages. These are no longer primitive copies of well-known brand websites, but more advances targeted scam resources. For example, a VIP Page may contain social engineering elements such as attractive design and promises of big wins, detection protection, etc. The prices for such fake pages vary from US$10 to $300.

Examples of scam pages for sale on Telegram_ssict_377_553

Examples of scam pages for sale on Telegram

Data for sale. No need to perform an attack, buy the data directly.


In addition, bank account data obtained through phishing is also put up for sale. Unlike the free data discussed above, paid data is verified up to the amount in the user’s account. For example, to access a bank account with a balance of US$1,400, the owners are asked to pay US$110, and the credentials from an account with a balance of US$49,000 were billed for $700.

Scammers offer access to a bank account with a balance of $49,000_ssict_429_373

Scammers offer access to a bank account with a balance of $49,000

“Messengers’ rise in popularity has unfortunately led to an increase in criminal activity on the platform. With its powerful automation capabilities, scammers have turned Telegram into a new avenue for darknet activity, including phishing and selling stolen data. It’s important for both users and security experts to stay vigilant and proactive in identifying and combatting these threats,” comments Olga Svistunova, security expert at Kaspersky. 

Learn more about phishing market in Telegram, on Securelist.com.

To keep your data protected from phishing attacks and leaks, Kaspersky experts recommend:

  • Be cautious of messages from unknown senders: Phishing attacks often come from unknown or suspicious-looking senders. If you receive a message from an unfamiliar user or number, don’t click on any links or provide any personal information.
  • Use strong passwords: Use unique passwords for all your messaging app accounts. Avoid using the same password across multiple accounts, and consider using a password manager to generate and store strong passwords.
  • Verify the authenticity of links: Before clicking on any links, check to see if they’re legitimate. Scammers often create fake websites that look similar to the real ones, so it’s important to double-check the URL before entering any login credentials or other sensitive information.
  • Use two-factor authentication: Adding an extra layer of security to your account can help prevent unauthorized access. Enable two-factor authentication on your messaging app to ensure that only you can access your account.
  • Use security solutions: a reliable security solution will protect your devices from various types of threats and will keep your data safe. 

About The Author

Nour Elotaiby

Related Posts

Paladion bagged the Best Managed Security Service Provider Award consecutively for two years

Paladion bagged the Best Managed Security Service Provider Award consecutively for two years

September 11, 2017

Kaspersky: WinDealer malware shows extremely sophisticated network abilities

Kaspersky: WinDealer malware shows extremely sophisticated network abilities

June 7, 2022

Trellix laser-focused on helping organizations achieve Vision 2030 goals

Trellix laser-focused on helping organizations achieve Vision 2030 goals

June 13, 2023

Trend Micro Midyear Report Highlights Need for Proactive Security

Trend Micro Midyear Report Highlights Need for Proactive Security

September 19, 2017

Latest News

Categories

WP Twitter Auto Publish Powered By : XYZScripts.com