The IT expert named popular schemes for stealing Telegram accounts

The accounts of Telegram channel administrators and employees of companies in high positions or with access to sensitive data are the most valuable for scammers. A lot of personal data, confidential documents and secrets are now stored in chat rooms. Daniil Borislavsky, Staffcop's product director, warned about this on Wednesday, March 19. He named the four most popular schemes for "hijacking" accounts in the messenger.

According to the expert, phishing sites are in the first place.

"You receive a message supposedly from Telegram support or some other with a name similar to the real and official one. The link leads to a fake website where you are asked to enter a number and a code. At this point, access to the account goes to the scammers. Never enter codes on third-party websites. Telegram uses only telegram.org ", — the IT expert emphasized in an interview with Lenta.Ru .

Borislavsky also warned that scammers send gifts from their accounts, for example, they may offer a premium version of Telegram. Sometimes attackers use a fake checkmark for authenticity. The user is asked to confirm their "identity" and click on a link or send a verification code, as a result of which they lose their account.

"Remember, Telegram never writes first, and for the Premium version there is a separate official bot, only through it you can buy a subscription if you haven't been given one," the IT expert emphasized.

In addition, scammers offer users to download fake Telegram with "new features" that simply steal data or accounts. The specialist warned that in order not to fall for this bait, you should download the messenger only from official sites.

Borislavsky placed the actions of the nearest circle in fourth place. Sometimes a colleague, a work device administrator, an IT specialist of the company, or a telecom operator gets access to the account.

"In fact, he becomes an insider in the company. To protect yourself, use the password to log in to the messenger, check the list of active devices, hide the number in the privacy settings," he advised.

If the account is stolen, it is urgently necessary to log out of all devices through settings, change the password and check if the scammers have added bots, he concluded.

Keep your face: to get an online loan, you will have to verify your identity using biometrics

The Central Bank supported this method of combating fraud, but the MFIs are categorically against it.

On the eve it became known that fraudsters began using a new scheme to deceive students, posing as employees of the Ministry of Science and Higher Education of Russia, reports RT.

The attackers offer students to verify their account on the Gosuslugi portal in order to receive a scholarship and update data on the university's website. They contact the victim via social media, drop them an inactive link and, knowing about its nature, offer help with authorization, asking for a password and claiming that they already have a login. As a result, the victim may receive an official text message from the bank stating that a loan has been opened in her name, according to the website. kp.ru .

Earlier, on March 14, it was reported that Russia could introduce automatic temporary blocking of Russian accounts on "Public Services" while changing at least two identification parameters, such as phone numbers and passwords. Such an initiative, among others, was contained in the package of proposals of the Popular Front for the meeting with the president.