With the Ethereum Shanghai upgrade and the emergence of Layer 2 ecosystem hotspots, the digital asset market has again experienced a resurgence. New and seasoned users are flocking to social platforms like Telegram and Discord to engage with others, seeking the latest industry news, project updates, and market trends. However, this market boom has also presented nefarious actors with ample opportunities for exploitation.
To help our users mitigate risks and stay safe online, we have compiled the common Telegram scams and corresponding strategies in this wallet security bulletin. We aim to equip you with the knowledge necessary to identify and guard against potential cybersecurity threats.
1: Fake imToken App and Fake imToken Customer Support Scams
- Scammers create fake imToken fan groups on Telegram, guiding users to add fake imToken customer support friends in an attempt to deceive them into providing sensitive information such as mnemonic phrases and private keys.
- Scammers imitate imToken's official notifications in group chats, creating and spreading sham imToken announcement messages.
- Scammers attach fake imToken official website QR codes or links on promotional posters, luring users into downloading fraudulent imToken apps.
- Please note that imToken has no official fan groups on Telegram. Besides, the official imToken customer support will never request mnemonic phrases, private keys, and other sensitive information from you.
- Refrain from entering your mnemonic phrase or private key into websites and applications provided by fraudulent support. To contact the official imToken customer support, reach out to us at firstname.lastname@example.org.
- imToken's official announcements will be released first in the "Help Center" on the imToken official website: https://token.im. If you find any imToken information through other channels, verify it in the official website's Help Center.
- Apart from visiting the official website to download imToken, you can also send an email titled "Download" to email@example.com to receive the latest version of the imToken application.
2: Telegram Verification Code Screenshot Scam
Scammers may impersonate your friends, requesting chat screenshots for seemingly legitimate reasons. While this may appear harmless, they are actually attempting to access your Telegram account using your phone number. If the screenshot you send contains an official login code, the scammer can successfully log in to your Telegram account and defraud your contacts. Here is a detailed outline of their deceptive process:
- Obtaining phone numbers: If your Telegram account privacy is set to "visible to anyone," scammers can see your phone number, or they may first gain access to your friend's account and then find your number.
- Deceiving users for chat screenshots: Posing as a friend, scammers use various tactics to trick users into providing chat screen captures, such as unblocking accounts or addressing chat interface issues.
- Exploiting login codes in screenshots: Scammers attempt to log in to the user's account on a new device using their phone number. The scammer can access the account if the screenshot contains a login code.
- Hijacking accounts and continuing to scam: Upon logging in, the scammer logs out all connected devices, changes the password, and utilizes the user's account to defraud other contacts further.
- Enable Telegram two-step verification: Navigate to Settings > Privacy and Security > Two-step Verification and follow the setup process. We recommend setting up a security email in subsequent steps to reset the password if you forget the two-step verification code.
- Hide your phone number and restrict people from adding you to new groups: Go to Settings > Privacy and Security and configure settings to hide your phone number, online status, profile picture, and forwarded messages. Set your account to prevent non-contacts from adding you to unfamiliar groups, reducing the likelihood of being scammed. Refrain from using Telegram's "People Nearby" feature.
3: Fake Telegram App Scam
Since Telegram doesn’t offer a Chinese installation package, scammers often create counterfeit Telegram Chinese apps with malicious plugins. They purchase keyword advertising on search engines like Google and Baidu to lure users into downloading their fraudulent software.
Users downloading and using these malicious Telegram apps risk making financial losses. The fake Telegram app automatically detects blockchain addresses in chats, replacing users' wallet addresses with scammers' addresses.
If users copy the address for a transaction from the fake Telegram app and only verify part of it, they may mistakenly copy the scammers' address, leading to asset loss.
- Examine your software download sources: If you have downloaded the app through a web search, uninstall and reinstall it from the official website. Third-party malicious clients can access and control your account, read your entire chat history, and collect identifiable device information. For security reasons, always download and install the software from the official Telegram website: https://telegram.org.
- Always carefully verify addresses before making transactions: imToken recommends using the address book feature to save frequently used addresses, preventing the transfer of funds to incorrect addresses.
4: High-Return Investment Website Fraud
Scammers pose as cryptocurrency experts on Telegram, luring users to invest with the promise of high returns. They typically guide users in private or group chats to access third-party scam websites using imToken's DApp browser, asking them to deposit assets. After a successful deposit, scammers display seemingly increasing investment returns, misleading users into believing their investments are profitable. However, when users attempt to withdraw funds, the scammers disappear with their controlled accounts, causing financial losses.
The characteristics of these scam websites include
- High returns used as bait
- Fly-by-night operations that are difficult to shut down
- Poorly built websites with low-quality designs
- Touting "decentralized, secure, and transparent" credentials
- False advertising, impersonating well-known companies
- Promotional and recruitment behavior similar to Ponzi scheme projects
- Exercise caution when evaluating high-return investment projects: If you need help to discern their legitimacy, seek assistance from imToken's official customer service at firstname.lastname@example.org.
- imToken issues risk warnings and blocks known high-risk DApps. If you encounter a blocked website, please refrain from interacting with it!
5: Virtual Platform Recharge Fraud
Scammers exploit people’s desire for bargains by promising them discounted gas cards, gift cards, and recharge services on certain verification platforms. They guide users to their malicious websites to recharge. When users click the recharge button on these malicious sites, imToken displays a security alert warning users of potential changes to permissions.
Once users confirm and enter their password signature, their address permissions change, causing them to lose control over their wallet's assets. Under these circumstances, users can only deposit tokens into the wallet, but cannot withdraw.
- Refrain from trusting online promotions for gift cards, gas cards, verification websites, and participating in recharge activities. Be especially wary of links offering recharge redirection services. Generally, legitimate recharge services only require the recipient's address for a transfer to complete the transaction.
- When it comes to safeguarding your funds, it's always better to be overly cautious. If you need clarification on the legitimacy of a recharge website, kindly contact imToken's official customer service at email@example.com for guidance to ensure the security of your assets.
Security Alert｜Be Wary of Fake Transaction Record Scams!
Have you ever noticed unauthorized USDT transactions in your wallet's transaction history? Recently, scammers have been creating fake USDT transaction records on the blockchain, which appear in Etherscan and wallet history records, causing users to see unauthorized and false USDT transfer records. So, how exactly do these transactions occur? Click to learn about this new scam!
The imToken security team advises that when you see an unauthorized USDT transaction in your ETH wallet, first verify whether the USDT in the transaction is genuine. Due to the immutable nature of blockchain technology, once a transaction is successfully executed on-chain, it cannot be canceled or reversed. Hence, it is crucial to thoroughly verify the recipient’s address before initiating a transfer!
Security Alert｜Be Aware of Data Authorization Scams
Recently, numerous users have inquired: “Under the pretense of offering discounted PetroChina fuel cards, an individual requests a zero-value transfer while requiring me to enable advanced mode and input a series of digits in the Data field, purportedly to verify the functionality of my wallet address. Does this pose any risk to my wallet's security?”
The imToken security team cautions: This is the latest scheme scammers employ to steal token transfer permissions. The scammers leverage the authorization granted unknowingly to transfer assets from your wallet without consent. We dissected such deceitful tactics in our previous articles and offered corresponding tips to avert fraud. Follow this link to learn more.
In March, imToken marked 6108 tokens and 113232 addresses as risky and banned 137 DApp websites.
Please help us keep the community safe by reporting any risky tokens or DApps to firstname.lastname@example.org. Your efforts can make a big difference in preventing asset loss!
At imToken, we are committed to equipping our users with security knowledge and providing security solutions to safeguard their assets, thus creating a safe and sound crypto ecosystem.
imToken is a digital asset management tool with personal touch and accountability. It undergoes rigorous security audits and deploys sophisticated risk control measures to guarantee the safety of user assets. It is now serving more than 10 million blockchain enthusiasts from over 150 countries and regions.
Visit https://token.im/download to download imToken.