Telegram scammers started using group chats
[ad_1]
During the March holidays, hacking of Telegram accounts became more frequent. We are talking about the theft of hundreds of millions of rubles, Vedomosti writes. The hacking scheme consisted of the attackers first hacking one user and on his behalf creating a general chat with familiar contacts. It contained a message asking you to vote for the chat organizer in the competition, for which you had to follow a link. As a result, the user’s account data was stolen. In the future, this system of hacking was repeated in a circle, and the hackers, taking advantage of the trust of the victim’s acquaintances, could also ask for a loan.
Most often, the victims are individual entrepreneurs without two-factor authentication enabled, the publication notes. As Kommersant FM found out, one of these was the founder of the PurpleDoor advertising agency Alexey Pak; his account was hacked using the same scheme.
“I was sitting at a conference, distracted by the speaker, then when I opened the computer again, I saw that I was thrown out, this happens in Telegram. I re-entered my phone number and realized that the messenger wanted me to register again. At first I deleted the application on my phone, I thought, well, anything can happen, and after a couple of minutes I realized that, most likely, my account had already been changed. I called my employees and asked them to log into my Telegram account and see what was happening there. Based on the phone number that had changed, we realized that the account had been stolen. Most likely, I just caught a phishing link somewhere; to be honest, I don’t remember if I had two-factor authentication, probably not.
It works like this: you just follow the link, leave your details somewhere, then a group is created on your behalf, a huge number of people are invited there, they write something like “vote for me at the marketing awards.” Someone you know starts writing, asking, congratulating, and you have time to at least somehow react. Often people simply vote, thus leaving their data with scammers. I myself had about 20-30 people vote. I sent a request to restore my account, but Telegram does not respond so quickly. The request processing time is on average up to 72 hours. There were cases when technical support could take several weeks or months to respond,” says Alexey Pak
Two-factor authentication can be enabled in the application settings, and Telegram will request a letter code each time you log into your account from other devices. This is better than the usual verification code in SMS messages, which can be intercepted by attackers. However, such protection is not a panacea, notes Aleksey Lukatsky, Internet security consultant at Positive Technologies: “I would assume that this is some kind of targeted attack.
Two-factor or more authentication makes life much more difficult for attackers, but is not 100% secure. There are methods to bypass and hack it, but this story is not widespread today. If attackers see that two-factor authentication is enabled on an account, they usually almost immediately switch to other users who do not have it; there is no point in wasting time on those who have protection enabled.”
Holidays attract criminals due to increased activity from those looking for gifts or discounts. A survey of the financial marketplace “Vyberu.ru” showed that almost 40% of Russians encountered phishing sites for “gift stores” as of March 8; this is the most common type of fraud.
The next most popular were fake flower delivery services, with 23% of respondents complaining about them. Another 13% of survey participants noted that they had encountered “gift giveaways” on social networks. Some scammers also lured users with messages about a free subscription to Telegram Premium.
Everything is clear with us – Telegram channel “Kommersant FM”.
[ad_2]
Source link