Security News > 2022 > June > Telegram’s blogging platform abused in phishing attacks
Telegram's anonymous blogging platform, Telegraph, is being actively exploited by phishing actors who take advantage of the platform's lax policies to set up interim landing pages that lead to the theft of account credentials.
Telegraph is a blogging platform that lets anyone publish anything without creating an account or providing any identification details.
According to a report by INKY shared with Bleeping Computer before publication, phishing actors use Telegraph extensively to create phishing sites that look like website landing pages or login portals.
INKY's data from the end of 2019 until May 2022 shows that the inclusion of Telegraph links in phishing emails has been going through a steep rise recently, as over 90% of all detections occurred this year.
The phishing email delivery rates are excellent because these links are hosted on Telegraph, a platform not marked as dangerous or suspicious by any email security solutions.
In many cases, INKY noticed that the phishing emails came from hijacked email accounts, so blocklists on known scam addresses were bypassed.
News URL
Related news
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)