Brother
Professional
- Messages
- 2,590
- Reaction score
- 526
- Points
- 113
Everyone can now run their own malicious campaign.
Cybersecurity experts draw attention to the" democratization " of the phishing ecosystem due to the transformation of Telegram into the epicenter of cybercrime, which allows attackers to organize mass attacks for relatively little money.
According to researchers at Guardio Labs, "the messaging app has evolved into a thriving hub where experienced cybercriminals exchange illegal tools and victims' data with newcomers, creating a shadowy and well-established supply chain of tools and information."
Free malware samples, textbooks, ready-made kits, expert advice, and even personal hackers-mercenaries — everything you need to build a full-fledged malicious campaign from start to finish. The researchers also described Telegram as "a paradise for scammers" and "a hotbed of modern phishing operations."
This isn't the first time the popular messaging platform has come under fire for facilitating malicious activity, which is partly due to its lenient moderation terms.
As a result, what was previously available only by direct invitation is now easily accessible through public channels and groups, thereby opening the doors of cybercrime for beginners and inexperienced cybercriminals.
In April 2023, Kaspersky Lab revealed how attackers create Telegram channels to train newcomers in phishing, as well as advertise bots that can automate the process of creating phishing pages to collect confidential information.
One of these malicious Telegram bots is Telekopye, which was described in detail by ESET experts in August and November last year. This bot can easily create fraudulent web pages, emails, and SMS messages to help attackers carry out large-scale phishing attacks.
Ready-made kits for organizing a phishing campaign can be easily purchased in Telegram — "some are offered at very low prices, and some are even free" - thereby reducing the financial entrance threshold for everyone.
At the same time, a more or less effective phishing campaign will cost the buyer$230. It includes sending out 100,000 emails, 10,000 of which (according to statistics) will be opened by clicking on a phishing link. Only about 50 people will indicate their current bank card details there, but even this number of victims will be enough to repeatedly recapture the invested funds.
Scheme for earning phishers through mailings, the income is tenfold of the invested amount
This situation underlines the vigilance that absolutely every Internet user needs to develop in order not to fall for the bait of scammers. It is absolutely forbidden to follow links from unknown senders or install questionable software from such email attachments on your computer.
Nowadays, unfortunately, anyone with bad intentions and a small start-up capital can organize their own phishing operation. Regardless of whether they have experience or connections in the field of cybercrime. That's why ordinary users need to be more careful: a threat may come from somewhere they don't expect it to come from.
Cybersecurity experts draw attention to the" democratization " of the phishing ecosystem due to the transformation of Telegram into the epicenter of cybercrime, which allows attackers to organize mass attacks for relatively little money.
According to researchers at Guardio Labs, "the messaging app has evolved into a thriving hub where experienced cybercriminals exchange illegal tools and victims' data with newcomers, creating a shadowy and well-established supply chain of tools and information."
Free malware samples, textbooks, ready-made kits, expert advice, and even personal hackers-mercenaries — everything you need to build a full-fledged malicious campaign from start to finish. The researchers also described Telegram as "a paradise for scammers" and "a hotbed of modern phishing operations."
This isn't the first time the popular messaging platform has come under fire for facilitating malicious activity, which is partly due to its lenient moderation terms.
As a result, what was previously available only by direct invitation is now easily accessible through public channels and groups, thereby opening the doors of cybercrime for beginners and inexperienced cybercriminals.
In April 2023, Kaspersky Lab revealed how attackers create Telegram channels to train newcomers in phishing, as well as advertise bots that can automate the process of creating phishing pages to collect confidential information.
One of these malicious Telegram bots is Telekopye, which was described in detail by ESET experts in August and November last year. This bot can easily create fraudulent web pages, emails, and SMS messages to help attackers carry out large-scale phishing attacks.
Ready-made kits for organizing a phishing campaign can be easily purchased in Telegram — "some are offered at very low prices, and some are even free" - thereby reducing the financial entrance threshold for everyone.
At the same time, a more or less effective phishing campaign will cost the buyer$230. It includes sending out 100,000 emails, 10,000 of which (according to statistics) will be opened by clicking on a phishing link. Only about 50 people will indicate their current bank card details there, but even this number of victims will be enough to repeatedly recapture the invested funds.
Scheme for earning phishers through mailings, the income is tenfold of the invested amount
This situation underlines the vigilance that absolutely every Internet user needs to develop in order not to fall for the bait of scammers. It is absolutely forbidden to follow links from unknown senders or install questionable software from such email attachments on your computer.
Nowadays, unfortunately, anyone with bad intentions and a small start-up capital can organize their own phishing operation. Regardless of whether they have experience or connections in the field of cybercrime. That's why ordinary users need to be more careful: a threat may come from somewhere they don't expect it to come from.