Most stolen data is handled by phishers via email, with Gmail being the most preferred option. However, cybercriminals increasingly rely on Telegram since it provides them with a high level of anonymity.
Group-IB, a cybersecurity firm, found roughly 3,700 unique phishing kits in 2022, a 25% increase over 2021. A phishing kit is a collection of tools used in large-scale phishing campaigns. Typically, threat actors handle stolen data via email. Gmail remained the most favoured service, with 45% of phishers preferring to process stolen data using Google's facility.
The amount of phishing kits using Telegram to collect stolen data has nearly doubled, according to Group-IB's Computer Emergency Response Team (CERT-GIB). In 2022, 9.4% of phishers handled information using Telegram.
"The messenger's flexibility and convenience allow cybercriminals to process and manage compromised information almost in real time," according to the company.
Criminals abusing Telegram is neither new nor surprising. Indeed, several encrypted messaging platforms, such as Signal and WhatsApp, are used by criminals because they provide a high level of anonymity to people in need. For example, dissidents, whistleblowers, or demonstrators.
Criminals can establish and manage hundreds of websites daily, thanks to automation. Criminals focus on improving evasion capabilities to lengthen the life cycle of those websites.
The most common essential access control technologies are hypertext access (.htaccess) and robots.txt. These are configuration files that block bots and search engine crawlers from accessing the website.
Cybercriminals also employ a variety of complex evasive strategies. A typical detection evasion strategy, for example, is a dynamic directory. This means that a malicious link is personalized and can only be accessed by the intended recipient.
Criminals also use bogus 404 pages. If the user's device parameters, geolocation, and referrer do not match the victim's profile, they see an error message.
To make things even more difficult for defenders, many off-the-shelf phishing kit solutions are equipped with complex detection evasion strategies. This means that even inexperienced cybercriminals with limited technical skills can conduct a phishing campaign.
Please do not enter any spam link in the comment box.