This post is also available in: עברית (Hebrew)
Telegram has become the working ground for the creators of phishing bots and kits looking to market their products to a larger audience or to recruit unpaid helpers.
While the messaging platform has been used for cybercriminal activities for several years, it appears that threat actors in the phishing business have started to rely on it more lately, as reported by bleepingcomputer.com.
A trend has been observed by researchers at cybersecurity company Kaspersky, who found a community having formed around the increasingly popular topic of phishing. From selling services to offering advice and free initiation instructions, phishing actors are extremely active on Telegram.
A report from Kasperksy notes that phishers sell all types of phishing material and services to interested buyers, including ready-made kits, fake pages, subscriptions to tools, guides, and technical support.
Kaspersky says that Telegram is also the place for aspiring scammers to become more familiar with the phishing business for free.
More experienced phishers create Telegram channels with bots that provide step-by-step instructions to generate a phishing page. The process is fully automated and ends with generating links to fake websites registered by the bot controller that mimic popular brands and services.
The only thing left for the beginner phisher is to distribute the links and wait for the sensitive info from victims be forwarded to the bot.
Kaspersky says it has detected over 2.5 million malicious URLs generated using phishing kits in the past six months and prevented 7.1 attempted accesses by users of its products over the same period.