Phishers Having a Field Day on WhatsApp, TelegraphPhishers Having a Field Day on WhatsApp, Telegraph
A pair of phishing campaigns against users of WhatsApp and Telegram's Telegraph expose them to extortion, credential harvesting, and even account takeover.
June 2, 2022
Within just a few days of each other, researchers sounded the alarm about phishing campaigns against two popular, global messaging platforms, Telegraph and WhatsApp.
Lat week, Rahul Sasi, founder and CEO of CloudSEK, posted a warning on LinkedIn that WhatsApp accounts were being targeted by phishing attacks trying to trick users into placing a call to the number "**67*< 10 digit number > or *405* <10 digit number >". Just a few minutes later, the device would log out of WhatsApp and the attacker would have full control of the account, Sasi added.
Turns out, dialing those digits forwards a victim's calls to a number controlled by the threat actors.
"Now in the backend, the attacker triggers the WhatsApp registration process for your number and chooses the option to send OTP via phone call," Sasi wrote. "Since your phone is engaged — the OTP will go to the attacker's phone, and it's game over for you."
Telegraph Phishing Attacks
Likewise, recent phishing attacks on users of Telegram's privacy-focused blogging platform, Telegraph, have spiked recently. Cyberattackers are looking to harvest Microsoft 365 credentials and run cryptocurrency scams, according to analysis from Inky.
Telegraph allows users to set up webpages without registration, and Telegram deletes sent messages after they are read, helping attackers to carry out their scams anonymously. As such, the researchers said Telegram is quickly replacing the underground web as the platform of choice for cybercriminals.
"Although many such sites are available, Telegraph is more attractive than most because of its unusually libertarian heritage; its founders openly propound a 'live and let die' philosophy, catnip to phishers," Inky researcher Roger Kay wrote about the Telegraph phishing scam findings.
About the Author(s)
You May Also Like
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023