Fraudsters started stealing Telegram accounts tied to Russian users by posing as the messenger’s administration and support team. The press service of the Main Directorate of the Central Federal District of the Bank of Russia informed socialbites.ca about these incidents.
Users receive messages from accounts labeled “Telegram administration,” “Customer Service,” “Update,” “Security” and similar names.
The messages frequently claim that a major system security update is underway to safeguard user data. Recipients are urged to click on phishing links to confirm a security check. After clicking the links, they are directed to follow on screen instructions. If followed, the attacker can permanently seize the user’s account or channel.
The links lead to pages that mimic the official Telegram site in appearance. Examples include telegramn ru slash MTgzNzU= or telegramn ru slash MTg0MTI= networks. Active phishing domains reported include telegraim.ru, telegrain.ru, telegrain.online, telegramn.ru, telegrami.ru, telegrami.online, tefegram.ru, and tefegram.online, with some variations in spelling to appear legitimate.
The press service noted that older phishing schemes remain effective. For instance, scammers reach Telegram users through channels, chats, and private messages asking them to vote on a website for participants in children’s or other online contests. If a person clicks the link and begins voting, attackers may collect information that enables account takeover. [Source: Bank of Russia Main Directorate press service]
For enhanced protection of Telegram accounts, authorities recommend enabling two factor authentication in the messenger settings. This involves a password that only the user can use from any device. Access the Privacy options in the account settings and select the Cloud Password section to strengthen security.
In a separate interview, German Zubarev, Deputy Governor of the Central Bank of Russia, stated that a new mechanism to repay funds stolen by fraudsters from bank customers would be rolled out in Russia starting July 25.
Russians note that scammers are adapting their tactics, continuing to shift methods in an ongoing effort to exploit users through digital channels. [Source: Bank of Russia press service]