Telegram is the second most popular cross-platform messaging application, it is widely used because it has enhanced privacy and encryption features, even supporting large group chat features up to 200,000 person capacity. Telegram also offers its users several features, including no limits on media sizes, end-to-end encryption in “secret chats,” and a bot API in order to encourage developers to create their own bots for Telegram.
Few Advantages of Telegram over WhatsApp are (a) Larger groups – WhatsApp supports 256 members in their groups while telegram can have 200,000. (b) Secret conversations – Telegram basically encrypts the conversations you select as secret, this improves your privacy. (c) Free App – Telegram is completely free and there are no annoying ads on Telegram and provide and open API. (d) Privacy – Content can be destroyed manually or automatically without leaving any trace for both those who sent the messages and those who received the messages.
In India, nearly 30 percent of teenagers active on the internet have been victims of ‘social engineering’ scams. The part-time job scam is where people are fooled into paying to start a business, which never happens, or being tricked into completing work for which they are not paid. Scammers have also used phishing techniques to trap many educated housewives and students, along with unemployed people looking for additional income.
Keywords such as “earn online,” “part time job,” “easy second earnings” etc. are used by fraudsters and criminals to match their advertisements with the terms people are searching for. Most of these sites either redirect to a messaging platform or have an embedded messaging platform link that, upon clicking, again redirects to a chat.
Victims are often prompted to pay a processing, joining, or one-time registration fee to gain large sums of money from scammers those pretending to be officials from reputed investment and corporate trading companies, who additionally steal the money by way of social engineering crimes (i.e., penalty clauses) and in the name of “errors” done by victims while performing their part-time jobs.
Why Telegram is used more by Scammers:
- Telegram is favoured by scammers because of it anonymity (Mobile Number if the user is not displayed)
- Telegram users can sign up with virtual foreign country numbers, thereby hiding the true identities.
- The latest update has the Fragment blockchain platform, which allows users to buy anonymous numbers with Ton Coins and sign up for Telegram without a SIM card
- Telegram allows users to create multiple accounts and switch between them easily, which makes it difficult for cyber investigators to track and identify victim or the culprit.
- All Pirated Movies and Software’s can be easily shared due to anonymity and sharing size of 2GB thereby causing loss to the economy.
- Telegram allows cybercriminals to advertise, sell and leaked Personal Identifiable Data and user names and passwords of various applications we use in daly life.
- Telegram allows the creation of bots that can interact with outside platforms giving them capability to do phishing frauds.
- Few extortion groups leveraging Telegram have gained popularity following their alleged attacks against high net worth individual (victims).
- Telegram is prominent place for illegal or counterfeit outlets Luxury Brands like Chanel, Dior, Balmain, Celine and Louis Vuitton, which they sell via groups.
Scams on Telegram and their Modus Operandi:
Telegram scams are fraudulent schemes that either take place within the messaging platform or draw users off the messaging application onto dangerous third-party sites and applications. Scammers flock to Telegram due to its widespread acceptance and ease of use. Many a time, we see scammers pose themselves as legitimate agents or employees of various corporations.
Scammers will often create duplicate/fake versions of popular channels to lure in victims. These groups will have similar names and profile pictures, have the same pinned messages, and have admins with usernames that almost match legitimate ones. People fall prey for scams that involve promotions, free give-aways, and MLM-based schemes. Scammers often ask to take remote control of your laptop or device to “fix” the issue and in the process collect all your personal and financial information.
a) Bitcoin and Cryptocurrency scams – Scammers pose themselves as crypto experts on Telegram to scam victims out of coins, money, or account logins. Posing themselves as experts, they promise a guaranteed return on victims’ crypto investments. As part of their scam, they show victims charts and graphs demonstrating that their investment is increasing (most of these members are either fake or paid social media influencers). The victim will be unable to withdraw their earnings as displayed in the wallet or dashboard, and the scammers will vanish and never respond in the groups.
b) Phishing using bots – Telegram has an open API and the ability to build and use bots on the platform. Having AI in place, they engage in realistic conversations, which makes it hard to tell if you’re being scammed. i.e., A fake bot, SMS Ranger, poses as representatives from banks and digital payment applications; this bot calls and convinces the user to give up personal information, bank account logins, passwords, and even OTP codes.
c) Tech support scams – This scam involves scammers impersonating legitimate tech support agents. Scammers take remote control of victims laptop or device in order to fix the issue and in the process collect victims all personal and financial information.
d) Romance / Sextortion scams – Social media creates an opportunity to engage in forbidden intimacies and forbidden behaviours. Scammers use this and start a relationship with user in online to gain their trust and will ask victims to send them sensitive photos or videos, which they then use for blackmail. Other types of romance frauds are (i) Proposal turns extortion. (ii) Pretty Woman is a Man. (iii) Making Gay Man Pay.
e) Fake Airdrops – Scammers may create fake airdrop campaigns in Telegram groups, claiming to distribute free cryptocurrencies or tokens, but require users to provide personal information or send funds first.
f) Fake Giveaways – Scammers may create fake channels or groups claiming to offer giveaways of cryptocurrencies, products, or services to lure users into providing personal information or making payments.
Safety Tips on Telegram App:
a) Use a unique, hard-to-guess combination of at least 10 upper and lowercase letters, numbers, and symbols. To help you keep track of all your passwords, consider using a paid password manager.
b) Verify the short URLs / Links using https://www.unshorten.it or https://www.checkshorturl.com , even if it was sent by known sources
c) Double check a weblink before clicking or downloading attachments sent by unknown contacts, they will lead to unfamiliar site (Hover over them and check) and verify all links using https://www.isitphishing.org or https://www.urlvoid.com
d) Blocking an account – Go to the user’s profile, click on the three dots in the corner of your screen, and select “Block user.”
e) Secret Chats – Open Telegram -> Tap the pencil icon (new chat) in the lower right of your screen ->Tap New Secret Chat -> Select a contact to start a secret chat.
f) Disable Active Sessions – Open Telegram ->Choose menu button in the upper-left corner of your screen -> Settings -> Privacy and Security ->Active Sessions -> Terminate all other sessions.
g) Sending Self Destruction Media – Open Telegram ->Select a chat -> Attach icon in the lower-right corner of your screen ->Choose an existing image or take a new one -> Stopwatch button ->Select how long you wish your media to last-> Send button
h) Locking Chats – Open Telegram -> Choose menu button in the upper-left corner of your screen->Settings ->Privacy and Security->Passcode Lock ->Enable passcode. ->Choose a passcode, and then Confirm.
i) Enable Two Factor Authentication (2FA) – Open Telegram -> Settings -> Privacy and Security -> Two-Step Verification -> Set Additional Password ->Enter a password and confirm -> Create Password ->On the next page, enter a hint to help you remember the password and continue -> Email address you want to use to recover a forgotten password-> Continue -> Return to Settings and Finish
j) Verify the legitimacy of channels, groups, or individuals before sharing personal information or sending money.
k) Research and verify the authenticity of the sender and their claims through reliable sources and don’t believe what is either told or visible on social media.
l) Do not share sensitive information, such as passwords, financial details, or personal data, with unknown individuals or entities.
m) Be wary of offers that sound too good to be true, such as high returns on investments or free giveaways.
n) Double-check URLs and links before clicking on them to ensure they are legitimate and not phishing attempts.
o) Avoid engaging in suspicious activities or transactions that seem risky or unfamiliar.
p) Never do screen sharing while you are are texting or doing a voice chat on Telegram.
q) Never invest money buy watching videos of fake influencers are advices from investment advisors while in the groups.
Reporting a Cyber Crime:
- Report a abuse at abuse@telegram.org and Report an scammer pretending to be you @notoscam
- Register a complaint on https://cybercrime.gov.in/. Alternatively victims can call Helpline No. 1930 if they have lost online.
