Kaspersky has warned that fake Telegram Premium offers have been spreading globally, targeting users with phishing scams and malware disguised as alternative app versions. These attacks aim to steal account credentials or compromise devices. The scams capitalize on Telegram Premium’s popularity and gifting feature, making it crucial for users to remain vigilant.
Telegram Premium is a subscription that offers exclusive features, such as faster download speeds, voice-to-text conversion, premium stickers, an ad-free experience, and more. Users can gift a subscription, and scammers capitalize on this gifting feature and the Telegram Premium topic in general.
During the upcoming holiday season, when gifts are expected and celebrations start, it’s crucial to remain cautious to avoid falling into traps like these.
One of the tricks begins when a user receives a message that appears to come from someone in their contact list, whose account may have been hacked. The message claims: “You’ve been sent a gift — a Telegram Premium subscription”. Below, there’s a link that looks legitimate but actually redirects the user to a phishing page, prompting them to log in to Telegram. If victims scan the code or enter their credentials, their account is immediately compromised, giving scammers access to their login details, password, and potentially their authentication code.
There are other tricks referencing the Telegram Premium theme, and not all of them necessarily start with messages on Telegram, such as the one described above. Attackers may also use other methods to send phishing links, for example, email.
For instance, perpetrators host fake “giveaways” for Telegram Premium subscriptions. Victims are lured into participating, and in a series of steps, they are directed to a phishing site where they are prompted to enter their Telegram account credentials, ultimately resulting in their account being compromised.
Another machination involves cybercriminals sending victims an invitation to download a ZIP archive that claims to contain a version of the messenger service with a “Premium” subscription. The download link redirects users to a phishing page where they are once again asked to log in to Telegram.
“Phishing schemes capitalizing on the Telegram Premium topic has been observed in several languages, suggesting that the perpetrators operate globally. Even if these scams haven’t yet reached a specific region, there is a probability they could eventually make their way there. Therefore, during the holiday season, it’s especially important to remain cautious and skeptical of offers that seem too good to be true. Additionally, make sure your Telegram security and privacy settings are up to date, and your device has a robust security solution,” advises Olga Svistunova, security expert at Kaspersky.
Scammers continuously evolve their tactics, and new hoaxes can emerge daily. To protect yourself from these threats, consider the following tips:
Check Kaspersky’s guide for Telegram security and privacy tips.
Double-check links – including the actual addresses embedded in hyperlinks. In some cases, Kaspersky has seen seemingly legitimate hyperlinks, redirect to entirely different phishing pages. This tactic works similarly to this example: a link appears to lead to the main page of Kaspersky Daily’s blog, — but redirects to a different Kaspersky blog: Securelist. Scammers may use the same principle to disguise their phishing links.
Verify links from contacts – If a gift link seems suspicious, confirm with the sender via an alternative communication channel.
Purchase subscriptions through official channels. For instance, Telegram offers a special bot for purchasing Premium subscriptions.
Enable two-factor authentication (2FA). This can be the last line of defense, even if the account credentials have been compromised. 2FA tokens can be conveniently stored in a Kaspersky Password Manager.
Explore other methods cybercriminals use to steal Telegram accounts. Understanding these scams before they occur is crucial for improving cyber hygiene and staying aware of potential threats.
Avoid downloading unofficial app versions. Kaspersky recommends sticking to official applications, as unofficial ones may be loaded with various types of malware.
𝐒𝐭𝐚𝐲 𝐢𝐧𝐟𝐨𝐫𝐦𝐞𝐝 𝐰𝐢𝐭𝐡 𝐨𝐮𝐫 𝐥𝐚𝐭𝐞𝐬𝐭 𝐮𝐩𝐝𝐚𝐭𝐞𝐬 𝐛𝐲 𝐣𝐨𝐢𝐧𝐢𝐧𝐠 𝐭𝐡𝐞 WhatsApp Channel now! 👈📲
𝑭𝒐𝒍𝒍𝒐𝒘 𝑶𝒖𝒓 𝑺𝒐𝒄𝒊𝒂𝒍 𝑴𝒆𝒅𝒊𝒂 𝑷𝒂𝒈𝒆𝐬 👉 Facebook, LinkedIn, Twitter, Instagram
