If you enter this code on the fraudsters’ site, they’ll have full control over your account, including the ability to link it to another device. With Telegram’s two-factor authentication (2FA) turned off, this code and the phone number are all that the attackers need to log into your account. The messenger’s security mechanism requires user confirmation and sends a verification code to your phone or computer where Telegram is already authorized. If you provide your phone number, the attacker’s scripts log in to your Telegram account from a new device. Sometimes (as shown in the screenshots) the attackers let the victim choose the more convenient option.Ī cybercriminal site asking how you’d like to lose your account: by QR code or by entering a phone number. There are two variants here: those who opened the site on a desktop are prompted to log in using a QR code, while those on a mobile device are asked for their country and phone number. The first page displays a message like “Sign in and vote” or “Free access to the trial version of Telegram Premium” - depending on the scheme in question. More often than not, the site looks pretty modest. What’s more, anti-phishing tools find it harder to spot such links. Such tools are often used when the sender doesn’t want the real address of a site to be seen. The links sent by the cybercriminals are usually created using a URL shortener service. And the message was not written by a contact, but by an attacker who’s already hijacked that contact’s account (perhaps in the same way). Of course, there are no contests, no petitions, and no gifts. ![]() ![]() But that’s precisely what you should not do, otherwise you’ll likely lose your account. What all these schemes have in common is the need to authenticate via Telegram - either by entering one’s phone number and a messenger verification code, or by scanning a QR code. The bait can be an invitation to take part in an online vote or contest, a Telegram Premium gift or trial version, a request to sign a collective petition, or something else. Things usually start off with a message from one of their contacts containing a link to some site. Telegram users have recently begun encountering various Telegram messenger hijacking schemes. KasperskyEndpoint Security for Business.KasperskySecurity for Microsoft Office 365.
0 Comments
Leave a Reply. |