Scammers involved in stealing data from Russian Telegram users have developed a new tactic, which involves sending messages from an account called "Security Tips." Potential victims receive notifications about a supposed block on their account due to "fraudulent activity" and are urged to follow a link to the "system center."
According to information from the attackers' mailing, they allegedly received several reports of fraud with the victim's account, which were confirmed by their "systems." The message states that the account will soon be restricted, and the user is strongly advised to log in to the "system center" to verify their account, otherwise a block will follow. However, it remains unclear who exactly is the author of these threats.
Kaspersky Lab emphasized that such messages are an example of phishing. This is obvious because the account does not match official notifications from Telegram, and it can be blocked just like any other user. Tatyana Kulikova, a senior content analyst at the company, warned against clicking on links from suspicious messages and entering personal data on unauthorized resources.
If the victim follows the suggested link, there is a high probability that they will end up on a fake authorization page, Kulikova suggests. On this page, users can enter their phone number, password, and verification code, after which the data will end up in the hands of scammers.
Alexander Vurasko, Deputy Head of the Solar Aura External Digital Threat Monitoring Center, noted that the main goal of this scheme is to steal a Telegram account. He confirmed that such tricks send victims to fake sites, and that these scenarios have been around for about two years.
Irina Zinovkina, Head of Analytical Research at Positive Technologies, said that such schemes can lead not only to account hijacking, but also to theft of funds and confidential information. She highlighted the main tricks used by scammers in such messages: the need to verify an account, update software, security recommendations, notifications of failures in mail services, and messages about password expiration.
Read more on the topic:
Scammers have learned to send viruses disguised as photos in Telegram: they have a special extension
Scammers have come up with a new way to deceive Russians
Scammers are teaching Russians how to withdraw money from Hamster Kombat
