Public Advisory on Telegram Hijacking

Following an increasing number of recent reports from local Telegram users, Brunei Computer Emergency Response Team (BruCERT) has issued a cybersecurity advisory to alert the public of the urgent threat of Telegram accounts being hijacked by scammers.

The scammer will first attempt to login to a user’s Telegram account, causing the user to automatically receive a message from Telegram containing a 5-digit login code. The user will then receive a message from someone who is either a complete stranger or appears to be a friend or family member from their contact list, requesting a screenshot of the user’s Telegram chats. As the 5-digit login code would be visible in the screenshot, the scammer will then be able to use the code to take over the user’s account. Since the scammers do not ask for the login code directly, some users will unwittingly comply with the request.

Using a hijacked Telegram account, the scammer will then contact people in the victim’s contact list. While masquerading as the user of the hijacked account, the scammer will use various pretexts to request for money to be transferred to a specific local bank account.

The public is advised to beware of unusual requests received over Telegram or other messaging apps, and to call the sender to double check the legitimacy of the request. Users should never share verification codes and must exercise extreme caution when divulging confidential information.

For more details on this advisory and on how to secure your Telegram account, please refer to the official advisory which can be viewed at BruCERT’s public awareness website www.secureverifyconnect.info

To report a cybersecurity incident, please contact BruCERT by email to
reporting@brucert.org.bn or call 2458001, or WhatsApp 7170766.