We at Kaspersky recently conducted a study and found that the average person spends $938 a year on 12 subscriptions. This just confirms that in today’s world, being subscribed to numerous services is just as much a part of everyday life as having your smartphone with you at all times.
There are subscriptions for everything: music, movies, fitness, security solutions, and even messaging apps. In this article, we’ll focus on one of the latter — Telegram Premium, a subscription that doubles almost all the messenger’s free-version’s limits. And the coolest thing about it is that you can give it to your friends as a present. If you have a large contact list, Telegram frequently reminds you of this possibility. Of course, scammers are exploiting this feature, sending out fake Telegram Premium gift subscriptions left and right.
So what’s behind these gift subscriptions from cybercriminals — and how can you protect your Telegram account?
How the Telegram gift-subscription scam works
It all starts with an innocent-looking Telegram message from someone in your contact list (actually — an impostor): “You’ve been sent a gift — a Telegram Premium subscription”. Beneath it is a link that, at first glance, seems legitimate. And indeed, it leads to an official-looking Telegram Premium channel. But there’s a catch…
Admit it, receiving a message like this feels great, and in a moment of excitement, it’s easy not to cotton on to the trap
The text you see — https://t.me/premium — actually hides a link to a completely different phishing page. It’s a simple trick. Consider this example: here’s a link to the Kaspersky Daily blog homepage — https://kaspersky.com/blog, but it actually redirects to the homepage of our other blog, Securelist. Scammers use the same principle: they mask their phishing links with seemingly legitimate addresses.
Let’s return to the Telegram gift-subscriptions scam. The phishing page looks like a regular Telegram login page in a browser. However, the scam is betrayed by the dodgy URL: the address starts with the familiar https://t.me, but then has something extra, which wouldn’t be there if were a legitimate page:
Nice try, scammers — it looks almost identical to the real site
If you enter your account details here, consider them stolen. Your user name, password, and possibly your two-factor authentication code will end up in bad guys’ hands. Once you’ve handed over your credentials, the scammers display a congratulatory message and start a 24-hour timer, claiming it’s the activation period for Telegram Premium. This delay is a classic cybercriminal tactic. They’re counting on the user either forgetting about the subscription or believing it’s genuinely on its way. Most likely, the only thing that will happen during these 24 hours is that you’ll permanently lose access to your account.
After 24 hours, the timer ends, but the subscription never materializes
How else do scammers exploit gift Telegram subscriptions?
Since Telegram Premium launched several years ago, various scam scenarios have emerged. Unsurprisingly, these scams bear similarities to other primitive forms of fraud we frequently discuss on the Kaspersky Daily blog.
For example, cybercriminals might claim to host a free raffle for a three-month Telegram Premium subscription. However, there’s no real drawing of the winning “tickets” — everyone’s a winner; however, the prize isn’t a genuine gift subscription. Victims are directed to click a link and log in to Telegram on a phishing site. And that’s where their accounts get compromised.
Cybercriminals play to your ego with false claims like: “You’ve been selected as one of seven participants in our exclusive prize draw!”
Another common tactic involves distributing APK files for supposedly “hacked” Telegram apps bundled with Premium subscriptions. Needless to say, such modified apps are often nothing more than malware in disguise.
Always be skeptical of allegedly hacked or alternative versions of popular apps
Now, you’ll have noticed that the screenshots above are in various languages. The fact is that these scammers operate all over the world, and if this scheme hasn’t reached your region yet, rest assured it surely soon will. Therefore, you should ensure the security of your devices and accounts with reliable protection.
How to protect your Telegram account
To start, we recommend setting up your Telegram security and privacy using our guide. If you’ve already done this, here are some additional tips to help you avoid becoming a victim of these and other scams:
- Remember that there’s no such thing as a free lunch. Before celebrating a sudden gift, double-check if the sender really has good intentions. At the very least, contact them via a different communication channel — call them, use another messenger, or verify in person. As your personal account is at stake, you’d better err on the side of excessive caution.
- Purchase subscriptions only through official channels. Telegram, for example, has a designated bot for buying subscriptions.
- Enable two-factor authentication. This could be your last line of defense in case you fall for a scam. One way to store your 2FA tokens conveniently and securely is in Kaspersky Password Manager.
- Learn more about other ways scammers can steal your Telegram account. There are countless fraudulent schemes — many of which are more sophisticated than they appear.
- Slow down, even if you’re being rushed. Scammers love pressuring victims with timers. When it comes to your digital safety, ignore countdowns and take your time.
- Be cautious about alternative versions of apps. We recommend only using official apps, because unofficial versions are almost always loaded with Trojans.
Kaspersky official blog –
