The alarming rise of phishing operations on Telegram is becoming increasingly concerning for cyber security experts. While the messaging platform has been known to house some criminal activity for some time, it appears that phishers are starting to make it their go-to workplace.
Impact of Proliferation of Phishing Kits and Services on Cybercriminals
According to the story by Bleeping Computer, the proliferation of phishing kits and services offered through Telegram has become a major concern for cybersecurity experts.
With kits going from $10 to $300, depending on the features and services ranging from automated phishing page creation and user data collection to subscriptions offering access to tools, guides, and technical support, phishing operations are more profitable and easier to do than ever.
The barrier to entry is lower, and experienced phishers can now groom and recruit potential customers for less money without having to do it manually. As a result, cybercriminals no longer need extensive knowledge or resources to carry out phishing attacks and can easily target a larger audience.
A Major Security Risk: How Tutorial Channels on Telegram Are Allowing Phishing Attacks
As noted on Secure List, Kaspersky researchers have observed tutorial channels on Telegram that offer instructions and pre-packaged tools allowing users to create fake websites and phishing pages mimicking known brands.
Some vendors even encrypt stolen data so that neither the operator nor the phishers can access the victim's information without paying their share. This is a major security risk.
Notably, some vendors even take additional steps to protect their reputations, encrypting the data of hacked victims or offering phishing-as-a-service (PhaaS) subscriptions with weekly or monthly payment models.
Improving Awareness of Phishing Threats and Prevention Tips
Furthermore, for those new to phishing, Telegram bots are readily available to offer step-by-step "how-to" instructions at no cost. An article by Infosecurity Magazine gave more details about the situation on Telegram.
Kaspersky has taken action by detecting over 2.5 million malicious URLs generated using phishing kits in the past six months and prevented 7.1 attempted accesses by users of its products in the same period.
However, it's not only up to the security companies. It's essential for users to be aware of the threat posed by phishing kits and services and learn how to protect themselves. Keeping software up-to-date, using two-factor authentication, and being wary of links in emails or messages are ways to avoid falling victim to a phishing attack.
Read Also: Official Airbus Twitter Account Hack Goes Viral! Users Suspect Airline Employee
The Impact of the Proliferation of Phishing Services on Telegram
Becoming educated about the dangers of phishing kits and services is an integral step in the fight against cybercrime, and it starts with Telegram. It is increasingly clear that the unregulated proliferation of phishing services and products on the messaging platform is driving this worrying trend.
Therefore, it is the task of both cyber security companies and governments to stay vigilant and combat what has become a disadvantageous way to take advantage of users who are not tech-savvy.
It won't be long before phishers spread their malicious activity further, potentially causing more damage to individuals and businesses.
Related Article: Russian War Supporter Hacked by Cyber Resistance; Instead of Drones, Purchases Adult Toys