Topic: Telegram scammers targeting users with malware (Read 1116 times)

Exactly you are right not all people who are new to cryptocurrency are easily tricked by scams. Many of them are smart and able to figure out when something is not right and going to wrong way. It is also noting that some people may be new to cryptocurrency but they have experience in buying and selling things online so they are more careful and know little how people try to scam. On other side people who do not have much experience are mostly fall in scams and they can get benefit their selves by learning that how to use cryptocurrency safely.

Yes, you are correct this is why I keep advising the newbies to do well to always check for mutual groups of any account that PMs them claiming to be admin or mod because that is the only way they could be able to differentiate the real account from the fake because, upon such verification, they could tell who is who and also tag the account in the group and also report and block them so they do not bother them anymore.  By doing so, their safety is guaranteed to some extent and the rest is left for them to tread with caution.

You're right with that. Not all of them are going to fall for such scam on telegram channels.

But just think of it that the majority of them are likely to fall and have zero idea what's about to come if ever they entertain these scammers pretending to be admins and mods of such channels.

There is no way to stop them but upon encountering one of them, it's best to block them and leave that channel anyway. With this reason, I am not that active anymore with telegram.

I believe not all newbies are that naive to fall that cheap for scams, there are some newbies I believe to be wise and smart enough to decipher scams when they see such. It does not mean that crypto newbies are new to the system, some of them might have had the experience and would be very cautious whenever they encounter a strange activity online because of their experience in the past with internet engagements before they got to know about crypto although some are total novice and they are the ones prone to scammers and as such would need more guidance to not be vulnerable to scams.

It's sad to say, it's easier said than done.

We can distinguish the difference of names and the obvious actions they do through messages. But many of these newbies aren't like us, they're totally naive to this world and they are gullible.

The scammer would offer them a couple of bucks and they're willing to give their information out and willingly to click on those scammy and phishing links that would send them.

That's how vulnerable they are.

Newbies most times should be able to decipher  messages sent to them from accounts claiming to be admins and mods. In most platforms I belong, there are pinned post and some of them always put it clear that Admins or Mods do not PM first and it is a normal thing that newbies ought to know about Crypto telegram platforms. On the pinned list sometimes the names of each Mods are clearly stated there for all to see and know the real Mods to enteract with so  that  any one who sends messages to members, the community can easily differentiate between them and immediately take measures to protect themselves against scammers.

Self awareness is a must if you want to exist safely in the Crypto space. Only you can protect yourself and assets  from scammers. You just have to take your safety serious and making sure to stay updated on happenings as it bothers the Crypto community.

Not every newbie understands that these scammers are fake people. They're being approached welcomingly and they won't notice the red flag in there.

That's why even if there is no point in responding on the chats, this is not about us but about them that's new to it and are not aware of the technique of these scammers.

To us, there is no problem about it because we're aware of it but still many newbies are being victimized by these people.

What is the point responding to chats in DM when you have no knowledge about who is sending you a message, already when you see the message and content, you already know what they are up to so what you just have to do is to instantly block them and continue your life nothing would happen but I am of the opinion that one should be able to trace the scammers to see for themselves rooms or groups they share in common so they can be able to expose the scammers by tagging them for the community,admins and mods to know what is happening and block them from the group as this would help them save other members of the community to be aware of such account and be wary of them.

That's true.

Someone stranger will approach the new member with a bunch of words as if they're the fastest typing guy in the world. All are copied and pasted and you'll be overwhelmed with what they're asking you.

And aside from that, the questions being thrown to you were already answered by them as well. All you have to do is to ignore them or if it doesn't work, block them.

Telegram is an open network that does not restrict anyone from accessing the platform, this is why we see people from different walks of life on Telegram. From what you have said, the advent of this Telegram airdrop stirred up an influx of scammers into the platform, as they saw a good opportunity to use the airdrops to scam other people. This should only make us cautious of messages we receive from unknown contacts we have nothing to do with to be safe and not fall for any scam.


Your asking question is enough for you to get a million and one answers from admins and mods you know nothing about making you feel so special as a follower and supporter of such a project.  Sometimes, you even get congratulatory messages for being a winner of the activity contest which you know nothing much about just because you asked a question on the platform, and boom you won an amazing prize for that.  Scammers never stop being so creative in their scamming business, when one trick is discovered, they use another to continue as long as the crypto space keeps evolving, they will also evolve with new strategies and tricks to get at more victims.

It's always the same thing. Legitimate group and channel owners won't PM you asking you to do weird things. Only scammers do that, especially in groups in any way associated with money. That can be exchanges, casinos, trading, airdrops, job search, etc. The moment you get a PM from an unknown person after joining a new Telegram group, block, report, and delete it. You is supposed to be the one who initiates contact if you need something and not the other way around.   

That's just annoying. And it happens both ways (not just with newbies but also with group admins). I have been a mod in one or two channels in the past, and I'm talking from experience. You'll at least get one unsolicited PM daily if you are a admin or mod. You'll get tons of offers for promotional services. For example like, comments, ama sessions, social media marketing, shillings etc. There maybe some genuine offers but I consider most of them to be fake for which I know for sure, because you'll notice after a few days their account would just vanish. This is actually funny, there was this one time when a scammer pretending to be a game dev approached me and said, he wants me to test his new blockchain game (I don't remember exactly) and sent me the zip file. Nice try, lol..

Lol, it's so true and relatable. Especially when you ask a question in a chat group, you will have more than 10 moderators reaching out to you through private messages and willing to assist you with the problem . You get surprised that the mods have never given me this much importance, what happened all of a sudden? Lol.

Telegram is the main platform for scammers, and it's not just about the ones that sit inside chat groups to look for targets; even the ones that hunt for targets on other social platforms, such as Meta, will bring you to Telegram to scam you, lol. The most probable reason behind this is probably because of the privacy the platform provides. You can literally hide everything else other than the username that others will be able to see. Telegram has even faced issues because of this in the past.

That sucks in a telegram channel. And it seems every time I get into a channel with a lot of members, not gonna take a minute and some stranger will message me copying the admin/mod name.

They'll start a conversation as if they're an expert and will eventually direct the potential victim into whatever platform they're trying to catch them.

We all know how it works at least for the experienced ones. But it's sad that many newbies are being targeted by them, the ignorant ones always get hacked and scammed by these people.

Many scammers and hackers are still strategizing in ways to make sure they keep stealing from innocent users that no nothing about their tactics. Telegram has been one of the app that is facilitating scams and I don't blame them because the introduction of telegram airdrops have made everything worse. We'll have to close our dm to prevent anyone from sending unsolicited messages that could be harmful to us.
It is fine for us to keep learning some of these strategies scammers are using to steal from their victims so that we can let others know about the risks. More scammer are jumping on telegram to do their illegal works because they feel safe there without any restrictions.

Crypto space is very porous and as such anyone who finds themselves in Crypto should be extremely careful and cautious when dealing with people. Most scammers now fake admins and mods just to get victims, they are very smart and it takes one who is alert to decipher their tactics and knock them off.


Always remember that Mods and Admins do not PM first so if anyone PM's you claiming to be an admin or mod, you should at first check the group you share in common with them and get the tagged so take that other members would be aware of their acts then you can block them from your end so they do not contact you anymore.

Those who have good money and use their mobile phones to store their financial apps or data shouldn't use the same phone for regular use. They shouldn't use the internet on that phone, open links, install apps, or do anything extra, and they should have an extra phone for all these things so that even if someone tries to hack them or access their funds, they wouldn't have anything to access since their financial data or applications aren't on the phone the attackers have accessed.

If someone can't afford to do this, for security measures, they shouldn't have any financial apps or data on their phone because we do a lot of things on our mobile phones, and we might make mistakes, and a small mistake can cost us a lot, so it's better that we stay careful and keep these things away from danger.

It's better to be safe than sorry, telegram has become the home of many Crypto-currency project and many crypto related activities that is why it is also a hot cake for scammers.
To even be more safe I would suggest that you adjust those who can add you to a group this can prevent you from being in scam groups.

I will ignore someone that I don't know because I don't want to get a scam. I have bad experienced before so I must be careful and aware from a stranger. If he give a link that I don't know and I don't ask anything to my friends, I will delete him and block his access to chat me.

Telegram can be a way from scammer to scam those who can not be careful and they will steal our coin if we click on the link that they give. They can access our wallet after we connect our wallet to that link so we must always be careful.

So basically, that these kind of scams do is that the scammer creates a malicious transaction that exploits some vulnerability in the smart contract of some sort which allows them to withdraw money, and they create a Web3 website which serves up that transaction when you connect your wallet. So the moment you linked your wallet, you're totalled.

All kinds of fraud tricks are still there, of course on Telegram it will be a lot of fraudsters' nests so we have to be wary of DMs sent by unknown people as well as not downloading even though we are curious, while we are not doing anything.
Yes, I have also had several random people send files containing malware because I already know this is a scam, so I don't download it but directly block the person because it is suspicious.

I agree with everything you've mentioned. It's crucial to be cautious when using Telegram, especially because scammers often impersonate trusted figures like admins or mods. The deceptive tactics are widespread, and it’s alarming how easy it is for scammers to create fake accounts with familiar names, tricking unsuspecting people, especially newcomers. It's a good habit to verify who’s reaching out to you, and remember that admins rarely initiate direct messages. Always be skeptical and avoid engaging with unknown contacts. Staying alert is the best defense in such environments.

Totally agree with you, if you don't know who you're dealing with on telegram, then consider the person a scammer. It'll make you to be constantly cautious with strangers, not only on telegram but on all social media platforms. I've always known telegram to be a hub for scammers, most recent internet scams that I've heard of were on telegram, these criminals have turned something that was created for a good cause into their evil empires. There are too many links on social media, asking you to join with promises of unrealistic offers. Isaw a Facebook video recently where they offer free travel, free accomodations to work in the US, and there's a link for you to click, I knew immediately that it was a scam.

But does that even work? I mean, as far as I am aware of, the file has to be in the executable format in order for it to work. I get it scammers use the images to camouflage the actual malware. But that's useless as long as it isn't executed/executable! Right?!

Tbh, I have done something similar called Steganography, where we use a method to hide a secret message and videos inside an image. Outside it looks like a normal image, but inside it contains things that I inserted. But it won't reveal itself. We have to manually extract the secret message and until we do, it remains dormant!

Simply the auto download feature of telegram won't do all the works! And it won't download a file which isn't in image/gif/video format! I am not a cybersecurity person, but since you mentioned that auto download thing, I got curious! How does even work! Spreading the malware might be easy using these dirty tricks but it has to be executed by someone! Isn't it!

yes i agree with you
there are many there using fake accounts and profile photos, which are used to deceive and trick people in it,
as if it is a real person, when in fact it is not

usually i search on the internet about the name of the person in the telegram, if there is and a good reputation, then i believe it but still be careful

if there is no name on the internet then i can be sure that it is just a fake name or fake profile photo

Yeah, I also heard about it. This scam mostly happens in social media like Facebook and X. Some random users send you PMs saying,, "Hey, look, your nudes were leaked,," and send you a link to download the images. If someone says your nudes were leaked, you are likely to download the images and check if it is really edited pictures. I mean, even if someone knows that they never took nude selfies, it will be tempting to check how the images are. People usually fall for this tricks and download some malware which actually steal data and information from victims devices. This scams still exists.

I see that hacking the Android system has become very easy for hackers. That means they can take all the access to the phone to their advantage quickly. The security of the iPhone is very good, but recently some iPhone scams have been heard. Android and iOS systems are nothing to hackers, they are always hacking many systems by adopting new methods. However, it is impossible to stop the amount of creativity hackers work with on any system.

Telegram has the highest tendency to be hacked compared to other systems and is full of hackers. Telegram is a safe place for scammers to live from where no one can access them or find them.

I have faced such a problem that my Trust Wallet was hacked. After it was hacked, about $57 was taken, and I later realized this and stopped using that wallet.

Avoiding random links and keeping assets in a non-custodial wallet is very important. Additionally, it is wise to use only official websites and apps, and enabling two-factor authentication adds an extra layer of security. Keeping limited funds in a hot wallet also reduces risk. Staying cautious ensures safety.

Not only on telegram, do not click on random links anywhere; that is how scammers compromise people's devices and steal their funds from them. That being said, it is advisable to keep your assets in a non-custodial/offline wallet, so that if you click a random link by mistake, you will not lose your assets to scammers or you will only lose a small amount that you kept in your online/hot wallet.

With the expansion of Telegram's services, the increase in scammers has undoubtedly grown several folds. However, if it becomes necessary to access any link, it would be wise to verify the link beforehand. I personally use the VirusTotal website for this purpose, and it might be helpful for many others as well.

You are right and one thing I have been saying to people is that whenever they receive a message on telegram from an unknown person, they should first check the group they share in common and do some verification on the account that messaged them to confirm the authenticity of such account because no admin or mod PM's first because it is against the rules for a mod or admin on telegram to PM a random member message but rather the member should PM first if they have any complaints but scammers just take advantage of any little complaints on telegram groups to start flooding the complainer with messages with ill intentions.

It should be an instant block if any one PM's you claiming to be a mod and demanding you to click any link sent or they intend to send you for their ill intentions of getting your account hacked or stealing sensitive information from your device.

When you find out more about these scammers is when complain about given issues you faced on the telegram group you joined. That's when you see them coming to your dm to provide solutions that will come with a link to how to invest and make ROI in a short time.

Gullible fellas would fall to trick anyway by paying attention to them and replying to their chats. I normally hit the block button when I receive such a DM from someone I don't know. Scammers are not the ones to give a chance to chat with

Oh yeah, i operate on a similar principle regarding any internet messaging tool;
It's a scam, unless proven otherwise. THIS is the golden rule everyone should follow.
Assume everything is a scam, and act accordingly. Trust me, no one will DM you offering your free stuff

Well, that just shows how adaptable and tricky these scammers are. I might be saying that cheap tricks from these scammers won't on me, but how about those newbies that doesn't even know how these scammers operate. 

---

My golden rule whether it's on Telegram, Discord or any social media platform is that "When they approach you with an opportunity, there's a huge chance that it's a scam." No wait, if they approach you, it's a scam because it will not come to you out of nowhere, but you should search for them. Scammers will hunt newbies especially on Telegram and Discord. Just don't click on Telegram links if it came from a random stranger. Always do research first on what are the real Telegram usernames of the developers. Researching for 5-10 minutes will not hurt us, right?

This is actually quite concerning. I heard of scammers using image download (when you have it set to auto download) to trick your pc into downloading a virus or some malware, but this is just at the next level.
Just goes to show you how inventive they can get in order to steal a few bucks off of people

This is not new and it happens long time ago. This is also the reason why I don't like to use that platform since anyone can create the same name with famous people that's why lots of people get exploited and scammed especially if they are new then didn't know that such activities happened there.

That's why its really good to verify always who are those people reaching you out since once you post something in the community you are following for sure that you receive a lot of message from scammers so better not to entertain any of those. Then also remember the word that admin on groups will never send you pm first usually the people do that are frauds.

Honestly speaking, the telegram has now become the den of hackers and scammers that even a chat from strangers is very suspicious that needs to be extremely careful and cautious. Clicking on links sent to your dm should be avoided especially when you are recieving it from an unknown account that you have never chatted in the past. Always remember that admin or mods do not dm first on telegram channels or groups so if anyone dm you claiming what they are not, you have every right to report and block them right the way. Your safety should be your concern so as to protect yourself from scammers and hackers. Do not chat with strangers as they may lure you into clicking link sent to you all in the name of wanting to help you resolve an issues in diguse to be admins and mods.

Installing some kind of apps that you dont really know is actually the easiest way to get hacked, since most of these applications can easily be some kind of malware, so installing an app is just the easiest way to lose your fund or your account here in cryptocurrency, if someone is telling you to download an application it is obviously a red flag already so make sure to block him quickly and dont entertain him anymore or straight up report his account.

Also most of the time, it is mostly on phishing, so if someone wanted you to fill up some webpage with your information, that could also be an indicator that they are trying to scam you, to get your funds, the best way to avoid is just being aware of this kind of things if you know about it there was a very low chance that you will become a victim of it, most of the time, clicking the link would put you on a similar page like for example your bank webpage, or even your social media webpage, if you know that you are logged on your account then, you suddenly just needed to relogin again when you click some links, always wonder because it might be an indication that you are dealing with a scammer or a hacker.

Just be safe and don't click any link or install file sent to you by a stranger you met online. If you must, always scan to see if it's infected, because hacking has gone much more sophisticated than what you think. By mere clicking a phishing link, the attacker can remotely access your device and steal your sensitive information like social security number, credit cards details, password, seed phrase etc. If you're still skeptical, you may want to read this article, how a hacker stole 4,502 bitcoin from Japanese largest exchange DMM.

yup nowadays information is very easy to access, this makes us when there is a link, we tend to click on it because of great curiosity about the information

my advice is never to click on any link on telegram, unless you are sure about the person or know the person in telegram

This may not be a new way to hack via Telegram, but certainly the techniques for developing hacking methods have evolved and become more complex. If it was not easy in the past to steal bank accounts due to the development of security methods, while it has become easier to work on hacking crypto wallets, the use of which is spreading day after day. Also, hacking methods are no longer limited to developers because hacking programs are sold in secret markets on the Internet, which makes dealing with unknown people on Telegram a great risk in many cases.

The problem is this is common use by lots of people now since they feel more convenient for using it especially if they used it for each transactions they made everyday. If the case that they are using those digital wallets around much better for people that they are aware on any potential risk that can cause money loss for them so that they would be aware on how to make their wallets and balance safe for any potential scam or other risk you mentioned.

But if they are a holder more better for them not to make use this digital wallets since we really know how risk is high especially if they don't check much their funds and just want to buy then leave their balance unto their wallets. Use hardware wallets for this or any other that they can posses their private keys to avoid getting any much bigger issues.

If you use your phones for storing your bitcoin and altcoins, it is your hot wallet.

Assume you accept risk of hot wallets and loss of your fund in hot wallets, it is still important to store only small part of your capital in a hot wallet that is portable around with many risk like phone loss, steal, physical attacks on you, and more.

Hot wallets should never be your main wallet.

Exactly! I advise using a separate phone for your digital wallet too to avoid potential security risks. Many people have complained about their Telegram accounts being hijacked by scammers, who then use these accounts for fraudulent activities. It's alarming that even messages from friends on Telegram can't be trusted, as their accounts might have been compromised. All it takes is clicking on a spam link, and your wallet and phone can be compromised.

Telegram's CEO needs to improve the platform's security measures, as numerous scams have been reported. It seems surprisingly easy to scam someone on Telegram, especially after joining a group. To protect myself, I've been exiting crypto and Telegram groups, as they often generate fake messages. I'm also being cautious about clicking on links, especially during this festive season.

Telegram is now becoming homes of scam because you keep seen new things am sure this is not suppose to be a surprise to us any longer because aside the issue of Malware you keep seen random messages and majority of them them will want to make you lose your money just by impersonating somebody else this is somthing they have been doing , and since that crypto have been connected to telegram we have not rested with the issues of scams and the more you encourage people to be careful the more they are falling scam and you wonder how they have been doing it getting people's attention.

The advice given not to trust anyone is just the best and you would not just talk to you don't know, links should be avoided by all means, and the more the orice of bitcoin goes up the same way scam increases and this is time we should understand that scammers will be looking for opportunity and the best thing is just to be very familiar and then they  can be avoided, if anyone chat you up it is better to just trust them that way when the economy is now worse crime is increasing and the government really need to help or even we continue like this it will be bad and it won't be better.

I try as much as possible to limit the amount of telegram groups I join. Telegram is a very risky application especially when you are greedy and looking for quick wealth m many scammers are now obviously taking advantage of the unfortunate victims.

Also it's best to not have you wallet on the same device you use on telegram infact you are better secured have a cold storage wallet.

You are right, Telegram is the platform where I receive the most scam attempts by far, but I have to keep using it especially due to this forum, and more specifically for the Bitcointalk bot.

Anyway, it's not too big of a problem, because they're so easily identified. Beautiful women contact me to ask me how I am doing Oh, if that were true... but after a few cases in which I followed the conversation out of mere curiosity I've automated the practice of deleting and reporting.

Scammers are everywhere on the internet. Of all the social media platforms including X, Instagram, Facbook, TikTok, Telegram is the one where scammers freely do their buisness and thrive. The many complaints of scammers and different stories are enough to make you leave Telegram and just stick to other lesser prone and less attractive to scammers platforms.

If you do choose to remain on Telegram, you must learn
-how to secure your account
-how to report scammers (telegram account of scammers)
- how to identify them (they will always chat you first)

That's unfortunate brother! That's why always use an empty or fresh address when connecting to wallets or when joining an airdrop! I did participate in some of the Galxe airdrops and always used a different address! It may be painful, creating all those address's, backing up seeds, and doing it all over again! But it costs nothing to be cautions! For me I use a different spreadsheet to maintain all these address! One for work, one for airdrops, one for daily use and so on..

Btw, how much you lost in this scam?

What happened to you is warning to everyone to be careful when using internet. It is easy to let your guard down especially when you are tired or feeling sure of yourself. Sadly scammers often take advantage of people when they are not paying attention. Luckily you learned valuable lesson and can now help others avoid same mistake. It is very important to always check if emails and websites are real especially when you are dealing with sensitive information like cryptocurrency wallets.

I wasn't trapped by Telegram.
a few months ago, I was scrolling social media one day late at night. Suddenly, I received an email from a platform named Galaxy, which is a spot for crypto airdrops. The email says you have some unclaimed rewards. I did not check the sender's email, and I did not check the URL of that phishing website. I connected my Metamask wallet, and it took only a few seconds to wipe out my entire wallet. I revoked the connection so quickly, but that was not enough to save me. I was sleepy and careless when I connected the wallet. I was over confident that I won't be scammed. But I fell for that.

Telegram is filled with scammers no doubt! It's a paradise for them! I am a mod in one or two groups in telegram and discord, and I get a lot of spam messages! Like, literally everyday, random DM's pops up in my inbox! Most of them wants to do some collaborations like promotions, AMA sessions, shillings, listing, marketing etc! Normally I would ignore these strangers! For because I know after some days, they eventually deletes their account and makes a new one! And they actually do! Alot of PM I got is now marked as deleted account!

Apart from telegram, discord is also on their target list! If I go specific, I was in a similar situations as you (OP). Because I am a mod, I have access to the whole server on my discord! So this person wants to collaborate and gives me a link. And upon clicking the link, it took me to the discord login page! Of, course I was already logged in. He wasn't trying to drain my account but hack my discord the the servers/channels! I was 200% sure it was a malicious link so I tested the link in a sandboxed environment!

Another attempt to scam which happened to me (I think many encountered this once in their life) is that, a person claiming to be a developer looking for tester for his game (virus) and gave me the zip file. Never opened it. 

---

How did it got into your system? I mean infected, through link? I mean what was the process, start to end! I use telegram a lot but it never occurred with me! Can you share the detail or the post! I vaguely remember seeing it!

Didn't you read the post that was answered later? If you click on a link that contains a file with an extension, this file will be installed automatically. Then you become a co-owner of your phone. The virus sees your contacts, passwords, and your card data, which will lead to theft and actions that you disagree with. All this happens on phones with the Android system. On iPhones, of course, the protection is much better, but if you read several topics on hacking, then even iPhones in the "bad" hands are subject to hacking.

Yes. Those that are new to crypto or new to new projects or groups are the one that are becoming victims. But some people are always still part of this people. That is the reason some people are always becoming victims of this scam.

It can be very frustrating. If you have the experience before, you will understand what I mean. As one will be disturbing you, so will another scammer be disturbing you, and also another scammer until you become even frustrated. That is why some people posted that it is better you block anyone that is not on your contact to be able to send you messages. What you will later be doing is to block and report them immediately.

You never connect your wallet to anything that you don't trust 1) and 2) you never give your private keys to someone else!

I am not surprised by this kind of action on Telegram, because some time ago this also happened and they changed their name on Telegram to do the same action again.
The important rule on Telegram is to never trust anyone who offers a project or anything related to money, because they not only offer projects but also group trading that looks legit but is certainly just a scam.
Never mind messages from individuals, even airdrops carried out by projects on Telegram often end in scams.
So don't trust anyone on telegram unless you are sure you know them in real life or they are a trusted member of this forum.

It's the opposite. You should turn it off to avoid downloading malware embedded in pictures or videos. I saw dozens of news related to malware spreading through Telegram, from fake docx files to PDFs, so Telegram clearly won't protect you from that. Even if you use virustotal or something similar to scan the files there's no guarantee their database is updated to include the latest malware. I believe it's better to assume nothing is immune to malware attacks so you don't get blindsided. CMIIW.

Haha. That was expensive for me, but a lesson learned. I used to give advice to people about how phishing works and that they should check the URL twice before they connect their wallet to a website. But my smart ass did not want to follow what I suggested to others, and I went ahead to connect my wallet even though I was sleepy and on my mobile device when I did that.

That was actually stupid of me. But I have learned a lesson. This actually proves that no matter how experienced you are, you could still fall for scams if you become careless while surfing the internet. That happened because I was confident that I won't fall for these scams

It's not just the DMs you receive on your Telegram account, but also the accounts they create on the X platform as mentioned in the tweet link shared by the OP.

These fake accounts are similar to the official accounts of influencers with the verification badges and they comment on their tweets with links to these groups that they claim are exclusive, premium or private with the temptations they write to urge beginners to join these groups on Telegram to double their investments or for profit from airdrops and so on. As soon as they rush to join, they will find that their wallets have been compromised if they are not using hardware wallets, and also their systems if this is the primary system they use to store important data when the malware works on their devices. This is indeed an evolution of simple phishing, and everyone should be aware of all these scammers' tactics, to be aware of how to secure themselves.

I don't think it is wise to connect wallet to any platform provided by some random people via dm, that is risky and often end in tears. If you have been active in cryptocurrency, it is not really complicated to know a scammer from the first few words that will come out of him. Whenever I receive a random DM, the first thing that comes to me mind is that I'm being confronted by a scammer. It will take the person convincing me to thin other wise and I will be very attentive to the tone of the conversation as well as the logic so I will be able to spot a red flag which scammers never fail to drop. 

Honestly, I never bothered to click the link provided for clarification. The information provided is enough and satisfying, this is a clear example how careful we all ought to be, why will anyone fall for a cheap scam like this one involving wallet and private details. I don’t understand the point clearly because I want to know what’s promising about the project, although any user who decides to send message to an unknown group should be ready to handle situations like this definitely the person is now the center of attraction. I’m sure people who send different messages face all sort of temptation and it’s so difficult understanding the genuine ones, personally avoiding such group is the starting point to escape all this.

Yeah, it should be malicious smart contract or just malicious website. Malware has a different meaning. Regardless the name it will still steal your funds if not carefully secured your device. Btw Sorry for the loss.

I've got some kind of malware, and almost got my email hacked on twitter/X last time searching for some new cryptocurrency projects, so probably just be careful especially on linked that is being sent on different groups, especially on Telegram where a lot of scammers are using, There was no way around it for sure, so if there are a lot of red flags and some shady things going on, Im not going to join a group on telegram.


I believed that it is not really going to be easy to be hack, like if you click a link your not really gonna get hack that easily unless you just got trick into putting your information to a fake website something like that, its a different case if the telegram is the one getting hack, in this case its probably better to avoid strangers since you can already see that the intention of someone want to have a chat with you is to trick you.

Actually not even in telegram but any kind of socials and even it came on your friends randomly because sometimes their account are the one got compromised and because you are having often conversation with them you forgot to make yourself keep more safety. Tons of people now are getting careless recently on the internet so stay vigilant. In telegram before you can filtered out people who can message to you but now you need become their premium member to access this feature.

If we can maintain an healthy practice on the use of the so called social media telegram app, then we are not likely going to to be a victim for related scam there, here are some tips we may have to follow to ensure that we make use of the opportunity on the use of social media and telegram precisely in a safety mode.

1. Don't join any group you don't know about
2. Ensure to activate 2FA on your telegram
3.  Avoid telegram links unsolicited
4. Same as well, you need to avoid downloads there
5. Don't make your contact number or email visible to the public on telegram

With these few steps, you are not going to easily be attracted to any scam related telegram attempts others are being affected of.

I also had such a problem once while learning about new crypto. First, I tried different types of airdrops and got a payment of about $30 at a time. Later, I kept it in one of my trust wallets. One day, a message came to my Telegram, and I was surprised. Later, while chatting with them, they gave me a requirement that you can earn a lot of money from there. Although I was new then, I did not understand, so I asked them to share my wallet phrase. I shared it. Later, after a few days, I saw my wallet empty. That's when I realized that they were scamming me. Then I blocked them, stopped using that wallet, and started using another.

There are many messages on Telegram to scan constantly. It is better to avoid these messages now, and I also avoid them because they are sitting in their hands. If you fall into their trap, you will lose. That is why we must proceed very carefully so that they cannot harm us and we do not fall into a trap.

Yup, there are many DM's if we join some hot groups, sometimes they use the name of platform support or core team member for kind of assistance and their other cruel methods (Cruel in terms of shity methods).

Honestly, we all know about the market and spammers and some other basic precautions we need to take, except for some of those who are opening their eyes recently in crypto industry.

I've found something stage, haha I know there's nothing strange in it but I've come to know this recently, Haha I was checking the source of the mode WhatsApp which is super famous all around my region Watsapp GB after watching a video that it contains some fishy access permissions haha and it there I've checked myself there are some crypto-related scripts and many payment permissions in simple words all possible access our smartphone can provide were there.

So My dear Watsapp GB users if you want read the deleted messages only you can go for notification data reading better than Watsapp GB.

If I get sent a link from someone I don't know or get an unsolicited offer from someone I am not expecting and I still go ahead to give this person the attention he is seeking for, even to the extent of giving him some private information I should be keeping to myself, then I should really be taking responsibility for my stupidity if anything eventually goes wrong. Some people are just too careless and only get to realise how careless they were after some damage have already been done.

Scammers are becoming more sophisticated these days and the only only way we can stay ahead of them is by avoiding strangers and strange links completely. If everyone can do this, the risks of getting scammed will reduce a bit. That is until these scammers device new means of scamming their victims effortlessly.

It’s the one way in which you can’t have access to a telegram channel no more. Not having access to the telegram phone number which could have been reset to a whole new one. Once that is done, then it’s gone to you too and that’s a whole lot of hack to reverse. Do they even do that?
Telegram have never been an easy catch or deal for users. You’ve got to be very skeptical about whatever text you receive and how to go about it. Being vigilant on those pop up notifications and proactive to tackle the security warnings when they pop up.

Telegram is full of scammers and frauds, they actually know that most users who use Telegram are somehow part of crypto community and especially the ones who've joined some crypto call groups.

The scammers first introduce themselves as insiders and sometimes they show huge balance of their accounts to gain trust of the victims. In actual they don't have any such balance but only they show it via screenshot, and that's their way to trap victims.

Only awareness can prevent the community from such scams, and the scammers will always try to find ways to scam others. They have no moral values and they don't really care about someone else. Only education and awareness is our weapon against such scammers.

I vaguely remember that incident, it's been more than a year. All I can recall was that we were trying to recover the account but were unable to do so. The logging code wasn't coming through, and the system gave us a message, "too many attempts" or something similar. I guess the hacker first hacked the account with malware and then bruteforced it in order to lock us out! We were unsuccessful that day. I can't tell whether he (friend) was able to recover that later.

Good thing i was awake when this happened so i did all stuff to prevent the hack, but i guess since i owned the tg number i can still recover the account, No? Why its not possible to your friend? Well, it doesn't happened to me yet. But why it's not possible, uhm, i guess maybe if mobile number is changed.

More than that, not only we have to be careful and distrust any link that was sent to us from strangers, we also have to be careful that any link that sent to us even from our colleagues, they might have became a victim to scam and the scammer is operating their account and sent a link to their associate contacts. We could as well ask questioned them about the link, in case its a phising and they think that was a valid link, such us a website for gifts or discounts which asked them to share the link, since not everyone is aware of internet scamming.

This is what a scammer will do to their victim. They will try to convince their victim by offering a tempting offer and asking you to join. If you are not careful, you will follow what they want that making you lose.

If a stranger gives you a link and asks you to check it, you can skip that and block him immediately. That can be a way for them to starts scamming you without you realizing. That is most common ways that scammers do it so you needs to be careful with this.

No need to bother with a stranger that you really don't know. You must be responsible with yourself and aware of any link, document, file, or anything that stranger give to you and no need to clicks that.

I thought the Telegram media auto downloads only for images/video files. So let's say even any files that auto-downloaded by telegram, are safe since they are media files (video or image) and that is impossible file could be infected by any malware?? I'm not sure.

Scary ASF!!!!!!

I believe there's a file that user downloaded if this kind of malware was able to went inside to your system.

It's not malware. It is a smart contract designed to wipe out the entire wallet to a specific address. But before it happens, the victims must connect the wallet and approve the transaction. I created a thread a couple of months ago. My entire meta mask wallet was drained once I connected my meta mask to a fake airdrop website. It took 30 seconds to wipe out my entire wallet. It was too late when I revoked the connection. These are known as crypto wallet drainers. However, I see many new media and blog articles refer to it as malware.

Telegram has been the latest home for crypto scammers. You can see how many airdrop has flooded telegram and comes with much  promises leading to many people losing there asset to scammers. Though some projects are real but majority are scam or trap to swindled fund from victims.  And the easiest way to scam people in telegram is by sendind a virus in form of a bot guiding you connect your wallet maybe internal telegram Wallet or external wallet and when this is connected anything can happen.  Because access has been granted, It is important people don't  connect  their external wallets with Hodling, to the telegram airdrop connect, to avoid swindled of fund or to avoid malwear or clipboard virus.

Something similar once happened with one of my friends. He rarely used his TG account and and one day some Russian guy somehow hacked his account. All of his personal details were private, numbers and everything and he had 2fa on. But still the hacker was able to got hold of his account. Later we (I was with him) tried to recover the account, but the recovery code wasn't coming. And at the same time the hacker was threatening us by saying he would hack all our accounts. He used all kinds of slang vulgar words like asshole,mother****. Unfortunately we couldn't recover it. We had to abandon that account though it didn't contain much information or anything.

Even in legitimate crypto telegram groups, these scammers are also there. They'll try to message the newly joined members and if that member is not aware of this tactic they do, they're likely to fall for this trap that they set. I think it's always worth noting that if you haven't messaged anyone, don't entertain it from strangers. And if they ask you to visit a link and if it asks for you to connect to your wallet, that's already a sign of it as a red flag. It's scary for those that are unaware of it if these links are automated and trying to connect automatically the wallets and if you're the kind of "yes guy" and just clicks yes/agree, you're in danger.

This is not related to malware on TG but I just got a detected login to my one account today at 5 am (was sleeping just got awake from the call) which was the very first time to happen in my tg account.
- First i got a message from tg of login code that someone trying to access my account, this is only will happen if they know your number knowing this number were including on different breached like Ledger so probably many have this number of mine on their db lists
- then after minute someone call from overseas i didnt answer of course since i didnt know who was it.
- moments later i got new message of detected login from new device "Telegram Android, 11.5.3 MBOX Android 11 (30)"
- set 2fa (received a message on this too)
- then i noticed an email was linked as well which i never did before, probably it was from that user

So what i did is;
- first go to device then terminate the session of the new device, just after i received the call (after a woke up)
- removed the email, it was snipped i can't fully see the email id just the first and last character, then i changed it to mine (first time doing that)
- add passcode
- then reset 2fa

This account is not my main tg never had any convo to strangers i just used it to test my TG bots, since i know this number was leaked to different list already but it weirded me out that just a missed call from unknown number it got successfully login to the account. Which i think that instead of passcode from the app, the call (probably from telegram) was used for the verification then logged in.
Note my privacy settings were all set to "nobody", so no one can see my phone number, calls, last seen, contact list, etc.

This is the number used with label "Malaysia"

Well, it's not necessarily to use your number. For much better than just hiding phone number is you should use another phone number that you don't use for personal reasons and It is more like a dummy phone number that you have to keep in case you need to access an OTP. Another way for scammers to know on how to contact you is when they know your telegram username like when you and a scammer are in the same group then he can send you a message. Another one is you shouldn't entertain such attempts.

Yea... the first step after signing up ones telegram account is to set up every privacy and security datas. In the case of using temp number on the TG may not be easily applicable to everyone, easiest way is to hide the number through the privacy settings and it won't be displayed either.

Telegram is no social media as of what it is today, that's a hub for scammers. This should have been known already, any unidentified DM from anyone is an absolute scam, most of them comes in as investors many brings the idea of them trading for you and giving out returns of profits after weekly trade which is also false, that's a bid to reap off your funds.

I have always seen telegram as the play ground of scammers. Whoever is trading there or using it should be very conscious and careful. Someone in the barracks should be very careful of bullets and not someone sleeping in his room.

Generally, if someone sent you a link, it is suspicious and be treated with care, let alone being set a link from the scammers abode.

Alot of telegram users leave they security amd privacy settings at default which gives stranger's access to messagthem freely?, but those that took extra step to customise their privacy settings have less chance of communicating with any scammers or strangers trying to reach them that is that about telegram.

Back to ops questions as to what gives the scammer access to steal funds from a wallet that is connected to their smart contract, if I am not mistaken, some smart contracts have security settings that grant them transaction access to any wallet connected to them and even have access to both the pin and other secure features of the wallet, so for that the victim's funds are at the mercy of the scammers when there are already into the wallet.

They also message you a question like do you want to earn profit by investing and then give you a website that the system on how people earn is through pyramid scheme which in my opinion is a scam although I don't have any proof but as we know that pyramid scheme or ponzi scheme is known by many people and how it is used to scam people. This is exactly what happened to me where someone sent me a pm and I pretended to be interested which I am not and also I received a message as well where he asked me if I want to buy bitcointalk account for money. People should be very careful about telegram groups and people who sent you dms on telegram.

I rarely join telegram groups and do not get unsolicited messages at all. Someone using their telegram as a means of finding crypto projects or joining crypto groups to share knowledge will run the risk of getting scam messages. If you are in that situation, never reply to any unsolicited messages, do not click links and always report such messages when you get them.

Your privacy setting will also protect you from being added to random groups or receiving random messages.

- Jay -

Links, files like animated images, videos need to be ignored and avoid to download them.

How to disable auto media download in Telegram.

Turning the automatic download feature for your Telegram account, and avoid clicking on any unsolicited links and files.

On devices I log in my email, accounts and have my wallets, I am more carefully with practice and don't click on links automatically without a little consideration time. I agree with you that any account has risk to be compromised, so OPSEC, I don't intend to easily clicking on anything.

Even if you know or trust someone, it's always best to be cautious with links they send, as their accounts could be compromised or they might accidentally share malicious links. Always verify the source of link and avoid clicking on anything suspicious.

There are some decent and real airdrops on Telegram, but be careful. Scammers may pretend to be real projects to steal your info or money. Always check if the project is real, never share private keys or connect wallet. Confirm details from their official website or channels before joining.

 Telegram is the hub for scammers so when you join a group that immediately prompts you to link your wallet, that should send alarm bells through you and most times these scammers present a very credible looking proposal that would seem so convincing that if one's not careful, they will fall but they will always have something that would give them away to be dubious and full of scam so what I do when I see such "projects" I just ignore. Good thing I'm not always on telegram.

Whether it is a new malware or not, the key point is that it is a vital shared information so that others who have not learnt about it will be updated and stay cautious on joining telegram groups. Especially those ones that basically discusses about enhancing members opportunities to earn money without going in details the foundation of the organization or platform.
Infact, I am rather preferred not clicking an unknown link because such is a means to make your device vulnerable to scammers.

Even, once I am asked to connect my wallet to the platform, I am immediately twice thinking of malicious intentions and that is even why I am rare to participate on most bounty projects that requires connecting of wallet to enable payment.

 

Since I noticed that scammers are more in telegram space than other notable social media platforms, joining groups on telegram has been minimized despite having some good groups that has proven to be legit on telegram.

You see the idea of connecting my wallet address to any link from telegram, I doubt if I will fall for the scam again after hearing the stories of people that have lost control of their wallet and the funds inside of it.

People should just be mindful of the groups they quickly rush to get into and they should try not to clink any link they see on the groups because most people do not know what happens next after clicking on links that was sent to them through telegram.

The easiest way is to customize your privacy and security settings so that only people registered on your phone can contact you(remove your username and use TG with temp phone number)

While we're being cautious about scams, telegram is proven to remain the number one scammers eden. It baffles me how these scammers are improving on their strategies as technology is improving and telegram has been the leading channel they carried out their evil acts. That being said, isn't it carelessness to join any group that comes our way? I believe if you have anything to lose, you'll definitely be careful clicking on strange links. Moreover, reputable projects don't restrict access to their groups, you don't need to pass through bot verification to prove your humanity. I like the idea of most projects and influencers representatives adding "never dm you first" to their names to minimise the case of impersonation.

Golden rule in telegram if you dont know the person or someone talking to you he is a scammer until otherwise rproven legit user from a project. I often got dm with such introductions and ofcourse these scammers even use legit or verified users. I have not yet fallen into the likes of these modus since I am not gonne be swayed by such offer even though its so good.

Any link sent to you from a stranger should be viewed with distrust. Telegram fraud has become very sophisticated these days. In my country, they spread a message like, "Look, you're on the news," or ask, "Is that you in the photo?" and send a file with the extension ... apk. After you click on the link, all your funds are debited from your cards if they are linked to your phone. The same thing happens with the distribution of fake links from our Telegram crypto groups that we subscribe to receive news. We don't know the people who sent the links, and we shouldn't trust them. But there is another thing: scammers have learned to hack Telegram accounts. Even after receiving a link from people you know, still be extremely careful. Sometimes bad things can be sent from acquaintances.

I have joined some Telegram groups before. When you joined or if you post on the group, you will see some scammers that will send you message to chat with you. Convincing you that they are working in group and the project. But they are all scammers. What I noticed before was that they will give you a fake link and tell you to connect your wallet. If you connect your wallet, I am not sure maybe you will still be the one that will make payment into the scammers address, but I do not think so because victims complained that all the money on their wallet are stolen with the Telegram scam.

So I do not know if this malware is truly new or not, but it is worth knowing. Although, it is just like before, if you avoid the fake Telegram groups, you will avoid the malware. Scam Sniffer posted on X that the malware is through a bot. And that it can compromise your crypto wallets and your device.




https://x.com/realScamSniffer/status/1866465802020602074?t=9ZtgnfEyENZpJvmGI2gDwQ&s=19


If you click on the link and you are not logged in through browser, you will not see all the Scam Snuffer's posts. You can click on the link in code which can suggestion you to read it on your Telegram app where you will see all the posts, provided if you have X installed on your device.