Telegram has begun to actively distribute phishing messages using banking brands. Attackers buy advertising posts that are almost unmoderated and thus reach a multimillion audience.
The number of phishing pages on Telegram using the VTB brand has grown 15 times in August compared to the beginning of 2021, the bank told Izvestia. They emphasized that the promotion of fake advertising on social media contributes to the spread of phishing scenarios. These resources are usually not responsible for the placement of advertisements and do not ensure the safety of users.
According to VTB, some sites receive money from cybercriminals and post unverified information. Until the moment when the post is deleted, many clients manage to become victims of criminals and transfer their personal data to them, the credit organization stressed.
As VTB clarified, phishing messages distributed on Telegram are aimed at extorting money from users. Among the main scenarios:
promotions for receiving bonuses when completing surveys;
corporate portals for collecting employee data;
The spread of phishing in social networks was confirmed by Otkritie Bank, noting that if before the scammers mainly tried to write off the client’s own money, now more and more often the victim is forced to take borrowed money and steal it.
According to Gazprombank, the types of fraud associated with various investment options have become widespread recently. Under the guise of these financial services, cybercriminals receive data from the cardholder, including critical data (codes and passwords).
UBRD explained that a large number of links to phishing sites are distributed in Telegram channels, because it is in this messenger that there are many thematic communities aimed at obtaining benefits from banking services and products. The bank notes the danger of the further spread of phishing, as more and more Russians are starting to use Telegram channels as the main messenger for communication.
To date, Roskomnadzor has not received any court decisions or requirements from the Prosecutor General’s Office, on the basis of which it is possible to block any Telegram channels that distribute phishing messages. They clarified that in 2021, more than 1,260 sites related to illegal banking activities were removed and blocked.