{"id":21447,"date":"2018-03-05T10:34:57","date_gmt":"2018-03-05T15:34:57","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=21447"},"modified":"2021-03-17T10:26:24","modified_gmt":"2021-03-17T14:26:24","slug":"telegram-accounts-stealing","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/telegram-accounts-stealing\/21447\/","title":{"rendered":"A wave of Telegram hacks hits: How to protect your account"},"content":{"rendered":"

Just like social media accounts, Telegram accounts are hijacking targets \u2014 especially if they are linked to channels with a lot of subscribers. Such accounts were in the crosshairs of a recent wave of attacks. This post explains how it happens and what to do about it. Let\u2019s go!<\/p>\n

How are Telegram accounts hacked and stolen?<\/h2>\n

The short answer is: phishing<\/a>. The user receives a message from a Telegram account with an official-sounding nickname (say, TelegramAdmin) stating that suspicious activity has been detected on their account and that the user must provide account confirmation or the account will be blocked. A link is provided to confirm the account.
\nNaturally, the link points to a phishing site with an address that seems trustworthy. It might be telegram-antispam.org or telegram-verification.site, or something like that.\"\"<\/a>
\nThe site looks like a carbon copy of the real Telegram login page at web.telegram.org<\/a>. The user is prompted to enter their phone number, confirmation code, and, if two-factor authentication is enabled, password. In case of a forgotten password, the scammers ask the user to go through the normal password-recovery process \u2014 click a link, receive a recovery code from (the real) Telegram, and provide that code to (the fake) Telegram..
\nOnce the victim enters all of this info, the scammers have everything they need to access the account and link it to another phone number. Along with the account, they get its channels.<\/p>\n

How to protect your Telegram account<\/h3>\n