As reported in the blog of Kaspersky Lab, many users faced such a scheme of "hijacking" an account at the end of the year. Moreover, the offer to vote comes from any contact from the notebook.
"To register votes, you need to enter your phone number and verification code. And that's exactly what you don't need to do in any case — there is a high probability that you will lose your account", - the experts said. But in fact, the author of the message is not an acquaintance from the contact list.
An attacker is hiding under his guise, who has already stolen his account. In some cases, vigilance can be lulled by a story about a child participating in the contest, and sometimes they just write "vote for me" without giving details. The "voting" site itself from scammers looks extremely modest.
On the first page there is a message "Come in and vote for the contestants", a phone number input field and a message that you need to authenticate to register your vote. There is also a screen for entering the confirmation code that the organizers of the contest allegedly sent to you in Telegram. As soon as the user specifies his phone number, the attacker's program enters his Telegram account from a new device.
The messenger's security mechanism requires confirmation from the owner - to do this, it sends a confirmation code to the user's phone or computer where Telegram is already authorized.
- With two-factor Telegram authorization turned off, the phone number and the sent code are all that an attacker needs to log into your account. If you enter this code on the scammers' website, they will have the full right to dispose of your account. Including, for example, to link it to another phone, the company said.