Telegram Bot Abuse For Phishing Increased By 800% in 2022

The use of Telegram bots to collect phished information grew by 800% between 2021 and 2022.

The new data comes from security researchers at Cofense, who published a report about it on Wednesday.

According to the findings, this increase is primarily related to the increasingly common tactic of using HTML attachments as a delivery method in credential phishing.

“The use of Telegram bots by threat actors to steal information is nothing new, but they are lesser known to be used in credential phishing,” said the Cofense report.

“Telegram bots are a low-cost/free single-screen solution, making them a popular choice for attackers.”

In other words, the ease of setting up a Telegram bot, combined with the tactic of attaching HTML credential phishing files to emails, allows attackers to use a commonly trusted service to steal credentials while easily reaching inboxes.
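For defenders, the tactic described above leaves a recognizable artifact: an HTML attachment that references the Telegram Bot API. The following Python scanner is an added example, not code from the Cofense report; it assumes the attachment calls the public `api.telegram.org/bot<token>/<method>` endpoint, either in clear text or inside a base64 literal, and every bot ID and token in the sample message is constructed.

```python
import base64
import re
from email import message_from_string, policy
from email.message import EmailMessage

# Assumption: Bot API calls look like https://api.telegram.org/bot<id>:<secret>/<method>
BOT_API = re.compile(r"api\.telegram\.org/bot(\d+):[\w-]+/(\w+)", re.I)
B64_RUN = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")  # candidate base64 literals

def bot_api_refs(text):
    """Return sorted (bot_id, method) pairs found in text or in base64 literals inside it."""
    hits = {m.groups() for m in BOT_API.finditer(text)}
    for blob in B64_RUN.findall(text):
        try:
            raw = base64.b64decode(blob + "=" * (-len(blob) % 4))
        except ValueError:  # not valid base64 after all
            continue
        hits.update(m.groups() for m in BOT_API.finditer(raw.decode("utf-8", "ignore")))
    return sorted(hits)

def scan_message(raw_email):
    """Map each HTML attachment's filename to the Bot API references it contains."""
    msg = message_from_string(raw_email, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        if part.get_content_type() != "text/html" and not name.lower().endswith((".html", ".htm")):
            continue
        body = part.get_content()
        if isinstance(body, bytes):  # e.g. application/octet-stream named *.html
            body = body.decode("utf-8", "ignore")
        refs = bot_api_refs(body)
        if refs:
            findings[name] = refs
    return findings

def build_sample():
    """Constructed test message: the bot ids and tokens below are made up and inert."""
    hidden = base64.b64encode(
        b'var u="https://api.telegram.org/bot2222222222:CONSTRUCTED_not-real/sendDocument";').decode()
    msg = EmailMessage()
    msg.set_content("See attached.")
    msg.add_attachment(
        '<script>var u="https://api.telegram.org/bot1111111111:CONSTRUCTED_not-real/sendMessage";</script>',
        subtype="html", filename="invoice.html")
    msg.add_attachment(f'<script>atob("{hidden}")</script>', subtype="html", filename="statement.htm")
    msg.add_attachment("<p>Quarterly notes</p>", subtype="html", filename="notes.html")
    return msg.as_string()

if __name__ == "__main__": print(scan_message(build_sample()))
```

The numeric bot ID returned for each hit is the part of the token worth recording as an indicator; the secret half is deliberately not captured.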

“Bots are unpredictable and can over-deliver. But cybercriminals are looking for new ways to automate attacks beyond email. I think it’s the beginning of the,” said SlashNext CEO Patrick Harr.

“Organizations should implement multi-channel security to ensure that users are protected from credential theft, BEC [business email compromise] and attachments across mobile and web messaging apps such as WhatsApp and Telegram.”

Patrick Tiquet, vice president of security and architecture at Keeper Security, agreed with Harr’s point and said organizations should take the same measures to protect against phishing bots as they do to prevent other types of phishing attacks, including education and the use of password managers.

“It’s human instinct to believe what you see, so aesthetics and user interfaces often trick users into clicking the wrong, malicious URL,” said the executive.

“It’s important to make sure the URL matches the real website. Password managers automatically identify when a site’s URL doesn’t match what’s in the user’s vault. This is an important tool to prevent the most common attacks such as phishing scams.”

Bots have also been at the center of account takeover (ATO), distributed denial of service (DDoS) attacks, and card fraud attempts during the 2022 winter holiday season.
