Kaspersky has issued a stark warning about rising phishing attacks targeting Telegram users, particularly those who subscribe to Telegram Premium. These phishing schemes are designed to steal user credentials and compromise devices by disguising themselves as legitimate offers related to the popular messaging app’s premium features. The scams have been reported globally and are expected to increase as the holiday season approaches, when users are more likely to exchange gifts and interact with unfamiliar messages.
Telegram Premium is a paid subscription service that provides a range of exclusive features, such as faster download speeds, voice-to-text conversion, premium stickers, and an ad-free experience. The service also allows users to gift subscriptions to others, a feature that scammers have begun exploiting. By taking advantage of Telegram Premium’s popularity, cybercriminals are luring unsuspecting users into clicking on links or downloading files that appear to be legitimate but are actually designed to compromise their accounts.
One of the most common tactics involves sending messages that appear to be from a trusted contact. The message often claims that the recipient has received a gift of a Telegram Premium subscription. A link is included, which looks legitimate but redirects the user to a fake Telegram login page. If the victim enters their login credentials on this phishing site, attackers gain access to the user’s account, which can include sensitive data like passwords and authentication codes.
Other scams follow similar patterns but may not necessarily originate from within Telegram itself. Some cybercriminals are hosting fake “giveaways” for Telegram Premium subscriptions, attracting victims through emails or social media. Once users follow the instructions to participate in these giveaways, they are led to a phishing website where they are prompted to input their account information.
Another variant of the scam involves a ZIP archive disguised as a Telegram app offering a Premium subscription. When the victim downloads the file, they are redirected to a phishing page that again asks them to log in to Telegram. Similarly, some attackers distribute malicious software disguised as a modified version of the Telegram app, claiming to include Premium features. These malicious APK files are often used to infect victims’ devices with malware.
The phishing schemes targeting Telegram Premium are not limited to a single region, with Kaspersky noting that they are being observed in multiple languages. This global nature of the attacks means that even users in regions where the scam has not yet been widely reported should remain cautious, as there is always the possibility that such threats will spread.
As the holiday season nears, Kaspersky emphasizes the importance of remaining vigilant against these types of phishing attacks. Many users may be more inclined to trust unsolicited messages or links when the prospect of receiving gifts or special offers seems appealing. To protect themselves, Kaspersky advises users to be cautious of any offer that appears too good to be true, especially those related to Telegram Premium.
To mitigate the risks of falling victim to phishing scams, Kaspersky recommends several key security practices. First, users should always double-check links, even if they appear to lead to legitimate Telegram pages. Scammers often use URLs that look similar to official addresses but redirect users to malicious sites. It is important to verify links from trusted contacts before clicking on them, especially if the message contains a link to a supposed gift or special offer.
Additionally, users are encouraged to purchase subscriptions through official channels, such as the special Telegram bot designed for buying Premium memberships. Telegram’s bot provides a safe way to obtain the subscription without relying on third-party sites or dubious links.
Enabling two-factor authentication (2FA) is another crucial step in securing accounts. 2FA adds an extra layer of protection, even if login credentials are compromised. Using a password manager, such as Kaspersky’s own Password Manager, can help users safely store their authentication codes and prevent unauthorized access to their accounts.
Kaspersky also recommends avoiding downloading unofficial versions of the Telegram app. These versions may be altered to include malicious code that can infect devices with malware. Users should always download apps from official sources like the Google Play Store or Apple’s App Store to minimize the risk of malware.
With phishing attacks becoming more sophisticated and diverse, it is essential for Telegram users to understand the tactics that cybercriminals employ to steal personal information. By staying informed and following best practices for online security, users can reduce their chances of falling victim to these scams.
Kaspersky’s research highlights the ongoing evolution of phishing tactics, suggesting that scammers will continue to adapt their methods in response to user behaviors and security measures. Therefore, it is vital to remain alert and proactive in securing personal accounts, particularly during the busy holiday season when phishing scams are most likely to flourish.
