Dangerous Gifts from Scammers on Telegram

Recently, our country has seen an increase in cases of fraud committed through the distribution of subscriptions to Telegram Premium. The Research Institute of Digital Forensics at the Law Enforcement Academy commented on this phenomenon.

Experts from the institute explained the mechanism of this fraudulent scheme. According to them, it is one of the most common types of cyber fraud—phishing. The term “phishing” comes from the English word "fishing", implying the baiting of users' identification data.

The scheme operates as follows: a user receives a message, supposedly from a friend or relative, notifying them of a gift—a one-year subscription to Telegram Premium. To activate it, the user is asked to click on the link attached to the message. Since the message appears authentic, the user unsuspectingly clicks on the link.

On the webpage that opens, the user is prompted to enter the phone number linked to their Telegram account and the authorization code sent to that number. After entering this information, the scammers gain full access to the user’s account. Immediately after, they begin sending similar messages to everyone on the victim's contact list. The sent messages are automatically deleted from chat history, making them harder to detect.

Additionally, during the time they have access to the account, the scammers can retrieve the user’s personal data, including performing transactions using linked bank cards and e-wallets.

To prevent such incidents, the staff of the Research Institute of Digital Forensics recommend the following:

1. Enable two-factor authentication in Telegram.
2. Avoid clicking on suspicious links, even if they are received from known contacts.
3. Never enter personal information (phone number, confirmation code, password) on websites that are not official Telegram resources.
4. If a user has entered a confirmation code on a fraudulent site, immediate measures should be taken to regain control of the account. This includes navigating to the “Settings” menu → “Active Sessions” and selecting the “Terminate All Other Sessions”

Remember, the security and confidentiality of personal data directly depend on maintaining digital hygiene. This includes knowing basic precautionary measures when interacting with information received through messages and calls. Even if a message comes from a close acquaintance, it is always advisable to verify its authenticity, such as by calling the sender.

The institute also reminds us that modern technologies, including artificial intelligence, enable highly convincing fraudulent schemes using deepfakes. Therefore, the importance of digital literacy in today’s conditions cannot be overstated.