Man
Professional
- Messages
- 3,087
- Reaction score
- 627
- Points
- 113
Scammers have evolved and moved on to attacks on accommodation booking services.
Scammers using the Telekopye tool have expanded their operations and started targeting users of accommodation booking services such as Booking.com and Airbnb. Telekopye is a toolkit powered by Telegram that criminals use to create phishing pages and steal user data.
Telekopye first became known in 2023. The tool allows you to create fake pages where victims enter bank card details. Over the year, fraudulent schemes using Telekopye have developed and now cover not only trading platforms, but also accommodation booking services.
The fraud scheme is as follows: criminals contact users of the platforms, reporting alleged problems with booking payments. Victims are instructed to follow a link to a fake page that bears a strong resemblance to the original. The page already contains information about the real booking, which makes the scam more convincing. Fraudsters obtain data for access to hotel and real estate accounts by buying stolen accounts on underground forums.
Example of a fake Booking.com payment form created by Telekopye
One of the distinguishing features of Telekopye is its ease of use – cybercriminals do not require special technical knowledge. The tool provides all the necessary tools to create fake messages, web pages, and phishing emails.
Fraudsters from groups using Telekopye operate on a business model, having clearly built hierarchies and fixed working hours. Within the groups, detailed correspondence is maintained on each transaction, which helps to control the distribution of stolen funds.
Example of an online chat from the side of the attacker (left) and the victim (right)
According to ESET, in 2024, the number of fraudulent attacks on accommodation booking services has increased dramatically, especially during the summer months. In July, such attacks for the first time exceeded the classic schemes with trading platforms in terms of the number of cases. In August and September, the frequency of attacks on both categories of services leveled off.
Telekopye is also constantly improving. Scammers have added new capabilities, such as automatic phishing page generation and built-in DDoS protection to protect against competitor attacks.
To protect against such scams, ESET recommends that you always check the authenticity of messages, avoid clicking on suspicious links, and use antivirus solutions that can warn you about phishing sites.
Source
Scammers using the Telekopye tool have expanded their operations and started targeting users of accommodation booking services such as Booking.com and Airbnb. Telekopye is a toolkit powered by Telegram that criminals use to create phishing pages and steal user data.
Telekopye first became known in 2023. The tool allows you to create fake pages where victims enter bank card details. Over the year, fraudulent schemes using Telekopye have developed and now cover not only trading platforms, but also accommodation booking services.
The fraud scheme is as follows: criminals contact users of the platforms, reporting alleged problems with booking payments. Victims are instructed to follow a link to a fake page that bears a strong resemblance to the original. The page already contains information about the real booking, which makes the scam more convincing. Fraudsters obtain data for access to hotel and real estate accounts by buying stolen accounts on underground forums.
Example of a fake Booking.com payment form created by Telekopye
One of the distinguishing features of Telekopye is its ease of use – cybercriminals do not require special technical knowledge. The tool provides all the necessary tools to create fake messages, web pages, and phishing emails.
Fraudsters from groups using Telekopye operate on a business model, having clearly built hierarchies and fixed working hours. Within the groups, detailed correspondence is maintained on each transaction, which helps to control the distribution of stolen funds.
Example of an online chat from the side of the attacker (left) and the victim (right)
According to ESET, in 2024, the number of fraudulent attacks on accommodation booking services has increased dramatically, especially during the summer months. In July, such attacks for the first time exceeded the classic schemes with trading platforms in terms of the number of cases. In August and September, the frequency of attacks on both categories of services leveled off.
Telekopye is also constantly improving. Scammers have added new capabilities, such as automatic phishing page generation and built-in DDoS protection to protect against competitor attacks.
To protect against such scams, ESET recommends that you always check the authenticity of messages, avoid clicking on suspicious links, and use antivirus solutions that can warn you about phishing sites.
Source
