A new wave of account theft began in Russia on Telegram and WhatsApp messaging programs. Ivan Lebedev, head of the CERT-FACCT phishing protection group, told socialbites.ca.
“According to analysts from the FACCT Information Security Monitoring and Incident Response Team (CERT-FACCT), the domain names of at least 50 sites designed to hijack Telegram accounts were registered in the first days of December. Lebedev said domain name registrations and phishing forms for “hijacking” WhatsApp accounts were also noticed.
Analysts also discovered already active sites with various false myths about voting in contests and phishing authorization forms via Telegram, the expert added. When you enter your authorization data in such forms, the person loses access to the messenger account. CERT-FACCT experts counted 20 such sources.
According to Lebedev, earlier attackers more often used the topics of children’s competitions to deceive, now they use the topics of family, work and professional skills.
To reach a wider audience, attackers continue to create Telegram channels with links to phishing resources and, if there is no corresponding ban in their settings, they add victims to these channels themselves. To make it difficult to detect such channels, attackers add messages like “Good day!”, “Good morning!” to the channels. and such. In the post, the author, who usually has a stolen Telegram account, asks for votes for him with the words “One minute of your time will bring me closer to victory.” In the discussion, one of the commenters replies, “I voted, it’s not hard for me,” presumably from a stolen messenger account, prompting more victims to respond.
“As in the summer, phishing resources to steal accounts on WhatsApp continue to use the theme of children’s creativity. Attackers can also distribute links to themselves through messages from hacked VKontakte accounts. Lebedev noted that such plans will not bring results if users use all security tools in instant messengers, including two-factor authentication and virtual password, and have the necessary knowledge in the field of digital hygiene.
Previously “socialbites.ca” warned About the increase in financial fraud ahead of the New Year.
Source: Gazeta
Jackson Ruhl is a tech and sci-fi expert, who writes for “Social Bites”. He brings his readers the latest news and developments from the world of technology and science fiction.