Telegram has become a popular platform for cybercriminals to promote and sell phishing kits and other illicit tools, allowing aspiring scammers to launch attacks easily and cheaply.
Cheap and Easy to Find Phishing Kits
Cybersecurity firm Guardio found that Telegram is filled with third-party phishing kits that can be used to steal login credentials and data from major online services. These ready-made kits enable even novice scammers to set up phishing sites aimed at Netflix, Spotify, Facebook, and many banks. The kits cost as little as $230, making Telegram a low-barrier entry point for phishing.
Complete Phishing Toolkits Available
The phishing kits available on Telegram are full packages, providing all the components needed to launch campaigns. They can send stolen data back to the scammer’s Telegram account and come with Telegram support groups focused on phishing techniques. As Guardio notes, Telegram has become a “well-oiled supply chain” where cybercriminals buy and sell the tools for phishing.
Fake Sites and Bots Streamline Scams
In addition to phishing kits, Telegram sellers offer features to make scams more effective. Fake proxy sites can bypass 2FA while still stealing login info. Bots quickly generate fake crypto giveaways personalized with the scam campaign’s branding. Scammers can also buy compromised sites and social media accounts.
Limited Telegram Moderation and Enforcement
Despite prohibiting scams and spam on its platform, Telegram seems to take little action against the rampant cybercrime market around phishing kits and tools. While Telegram claims to remove harmful content, it’s unclear how much effort it devotes to shutting down scam operations. The availability of phishing kits and other illicit wares indicates moderation isn’t adequately addressing the issue.