Security News > 2022 > June > Telegram’s blogging platform abused in phishing attacks
Telegram's anonymous blogging platform, Telegraph, is being actively exploited by phishing actors who take advantage of the platform's lax policies to set up interim landing pages that lead to the theft of account credentials.
Telegraph is a blogging platform that lets anyone publish anything without creating an account or providing any identification details.
According to a report by INKY shared with Bleeping Computer before publication, phishing actors use Telegraph extensively to create phishing sites that look like website landing pages or login portals.
INKY's data from the end of 2019 until May 2022 shows that the inclusion of Telegraph links in phishing emails has been going through a steep rise recently, as over 90% of all detections occurred this year.
The phishing email delivery rates are excellent because these links are hosted on Telegraph, a platform not marked as dangerous or suspicious by any email security solutions.
In many cases, INKY noticed that the phishing emails came from hijacked email accounts, so blocklists on known scam addresses were bypassed.
News URL
Related news
- New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT (source)
- Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks (source)
- New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S. (source)
- Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks (source)
- Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice (source)
- TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer (source)
- FBI warns of massive wave of road toll SMS phishing attacks (source)
- FIN7 targets American automaker’s IT staff in phishing attacks (source)
- AI set to play key role in future phishing attacks (source)
- LA County Health Services: Patients' data exposed in phishing attack (source)