Telegram scams are on the rise? Master the protection key to safeguard your assets

Recently, Telegram scam incidents have been occurring frequently. Malicious actors use various methods to steal user accounts and then impersonate victims to scam their friends. As digital assets become more popular, scam techniques targeting Telegram users are also continuously evolving. Beosin Security Research Department has conducted an in-depth analysis and compiled common scam routines and protective guidelines for everyone.

The Telegram Scam Risks You May Face

Due to its cross-platform features and relatively private communication environment, Telegram has become the primary communication tool in the crypto community. However, these same features also make it a “hunting ground” for scammers. Understanding scam methods is the first step in prevention.

Six Major Scam Routines You Must Know

Verification Code Screenshot Scam — The “Newest” Tactic

This is the most common method for account theft recently. The scam process usually involves three steps:

First, scammers obtain your Telegram-linked phone number. If your privacy settings allow anyone to view your phone number, strangers can easily find your account. Alternatively, they may first hack into one of your friends’ accounts and then find you through the friend list.

Second, scammers will fabricate various reasons to trick you into sending chat screenshots. They might claim your account is abnormal and needs verification; or say that a contact appears repeatedly, asking you to send a screenshot for confirmation. Meanwhile, scammers will attempt to log into Telegram on other devices using your phone number.

Finally, if you accidentally send a screenshot containing your login verification code, and you haven’t enabled two-step verification, the scammer can directly log into your account. They will then delete all login device records, change your password, and start impersonating you to scam your contacts.

Impersonating Official Scam Texts

These scam messages claim that your Telegram account violates usage rules and will soon be restricted, requiring you to click a link to log in and解除限制. Once you click, your account will be stolen.

Hidden Backdoor Programs

Since Telegram does not have an official Chinese installation package, many users search for Chinese versions via search engines. Scammers exploit SEO optimization techniques to push versions of Telegram with backdoors to the top of search rankings.

These backdoored programs can automatically scan your chat for blockchain wallet addresses and replace them with scammer addresses when you send messages. According to Beosin tests, the wallet address you originally intended to send is secretly replaced, causing funds to be directly transferred into the scammer’s wallet.

Fake Chinese Language Packs

Some imitation Telegram Chinese localization channels distribute language packs with backdoors. Beosin security team analysis found that these language packs are actually downloaders that, once run, download multiple malicious modules and attempt to bypass security software detection, even using techniques like mouse movement detection to evade sandbox analysis.

Bots Stealing Passwords and Verification Codes

Foreign security researchers have discovered that some criminal organizations use Telegram bots to steal users’ OTP tokens and SMS verification codes to bypass two-factor authentication. Attackers will call victims via bots, impersonating banks or legitimate service providers, and trick users into providing verification codes. The scammers can then use these codes to hijack accounts, steal passwords, and obtain login credentials and credit card information.

Fake “High-Yield Investment” Promises

Scammers impersonate crypto experts, commenting on Twitter or directly messaging Telegram users, promising high investment returns. Once you agree to participate, they will ask you to open an account on a designated exchange. During this process, they display fake charts showing your investment growth. But when you try to withdraw, the scammers and your account will have already disappeared.

Step-by-Step Prevention — These Security Measures Are Essential

Enable Two-Step Verification Immediately and Set Up a Secure Email

This is the first line of defense against account theft. Go to “Settings” → “Privacy and Security” → “Two-Step Verification” and set a password only you know. It’s highly recommended to also set up a security email, so you can reset your password via email if you forget your two-step verification password.

Download Only from Official Websites, Reject Third-Party Clients

If you downloaded the Telegram installer from a web search, uninstall it immediately and reinstall from the official website. Third-party clients can read all your chat records, steal device information, or even control your entire account. Always download only from Telegram’s official site.

Be Cautious of Strangers and Bots

Do not provide personal information such as your name, username, phone number, email, or password to any bots or strangers. Be vigilant about unsolicited messages; do not trust them easily. Be cautious with unknown files and links. If disturbed, you can block the sender directly.

Verify Wallet Addresses Multiple Times Before Transferring

Before sending any wallet address, confirm it multiple times with the other party. The safest way is to exchange wallet addresses via screenshots or QR code scans rather than copying and pasting.

Regularly Check Login Devices and Force Logout of Suspicious Devices

Periodically review “Privacy and Security” for login devices and IP addresses. Immediately force logout of any unfamiliar devices or IPs.

Hide Phone Number and Restrict Group Invites

In “Settings” → “Privacy and Security,” disable “Share my phone number” (default enabled). Also, set your phone number to hidden, hide online status and profile picture information. Most importantly, prevent non-contacts from adding you to strangers’ groups, significantly reducing scam risks.

Use Official Verification Tools to Identify Impersonators

To further prevent Telegram scams, Beosin’s official website has launched a security verification feature. You can verify by entering the contact card information of Beosin staff you’ve communicated with—if the verification passes, it indicates a legitimate official contact; if it fails, beware that you may be dealing with an impersonator.

This verification tool adds an important layer of protection against Telegram scams, making it easier to spot fake identities.

By mastering these protective points, you can greatly reduce the risk of Telegram scams. Security is not static; stay vigilant, regularly review your settings, and update your knowledge promptly. Long-term asset protection depends on continuous awareness.