CODE BLUE 2024

V for Vendetta: Dissecting a Global Phishing Platform After Being Phished

DAY 2

14:10-14:50

In today’s digital landscape, phishing attacks conducted through official chat functionalities in web and mobile applications pose a significant threat. Understanding and countering these threats are paramount to safeguarding users and platforms alike. This presentation delves into a personal account of receiving two suspicious chat messages, triggering an investigation into a widespread phishing campaign.

The curiosity and concern sparked by the suspicious messages prompted a deeper dive into the nature and extent of the phishing campaign. The investigation revealed critical insights into the tactics, targets, and methods employed by the attackers, particularly within the travel industry. Additionally, the discovery of an InfoStealer malware attack shed light on the theft of valuable customer information from official travel accounts.

As the phishing campaign expanded its scope to target e-commerce platforms, the tactics adapted while retaining distinct similarities. Further exploration uncovered findings related to other platforms targeted by similar phishing attacks, underscoring the campaign’s broad impact.

A detailed source code analysis of the phishing platform unveiled its capabilities, including its targets, the majority of which are European countries (including Italian speakers), the generation of convincing phishing pages, integration with chat functionality, and verification mechanisms for transactions. The platform’s integration with Telegram and the presence of multiple operators shed light on its underlying business model and operational strategies.

Discoveries indicated that the phishing platform likely serves as the management platform for the Telekopye Telegram scam, revealing interconnected networks and motives underlying these attacks.

Practical recommendations are provided for users, merchants, and platform security engineers to enhance security posture and mitigate the risk of falling victim to phishing attacks. Emphasizing ongoing vigilance and collaboration, this presentation concludes by summarizing key findings and insights gained from the investigation.

  • Location :

    • Track 1(HALL B)

  • Category :

    • CyberCrime

Speakers

  • Mangatas Tondang

    マンガタス・トンダン

    Mangatas is passionate about detection engineering and threat hunting, in every medium you can think of! He is a security researcher at a global technology company and actively contributes to open source projects and the security community.