MOSCOW, 20 Oct – PRIME. Attackers in Russia began to use bots in Telegram, which are visually similar to the official ones and offer to go through “verification” via an attached link, a RIA Novosti correspondent encountered such a scheme. Experts interviewed by the agency explained that in this way scammers use social engineering and seek to steal user passwords.
Fraudsters have become more likely to act on behalf of employees of the Central Bank
According to the new scheme, the bot, partly similar to the official one from the messenger, reported that the account verification was not passed. The message also stated that the account itself would be blocked within 6 hours if the owner did not follow the attached link.
According to Viktor Chebyshev, an expert on cybersecurity at Kaspersky Lab, the case presented is phishing to “swindle credentials from a Telegram account.” As the expert noted, it is enough to pay attention to how the messenger is written in the name of the contact, because in legitimate notifications the spelling is different.
“The ability to block a user or add him to the contact list also indicates that this is not an automatically generated message from the service. In addition, the official account has a signature in the name, name, which notes that these are “service notifications” and there is blue tick,” the expert explained.
A similar opinion is shared by Group-IB Digital Risk Protection analyst Evgeny Egorov. The expert confirmed that Internet scammers “often pretend to be technical support representatives of official services, instant messengers, social networks in order to steal the credentials of clients of these companies.”
“In this case, the attackers created a Telegram bot to “verify” the account and sent messages on behalf of Telegram from a fake account with a request to go through it. Social engineering was involved – the victims are frightened by blocking the account for a day. This is done to reduce the vigilance of users and quickly follow the instructions of the scammers,” Yegorov explained.
HOW TO NOT BECOME A VICTIMS OF SCAMMERS
The experts emphasized that in order not to become a victim of scammers, users need to pay attention to the following points: the official messenger accounts have a verified status with a check mark next to the name, and you should also not follow suspicious links in messages and enter your personal or credentials on dubious pages.
In addition, as Chebyshev noted, the owner of Telegram accounts should enable two-factor authentication: if an attacker tries to gain control over the account, the verification code will not be enough, he will also need a password.
“Pay attention to the” active sessions “section: if you find an unknown or suspicious device, end this session and change the password if it was set,” the expert added.