Cybercriminals are using Telegram bots to steal one-time password tokens (OTPs) and defraud people through banks and online payment systems, including PayPal, Apple Pay and Google Pay, new research has found.
Researchers from Intel 471 discovered the campaign, which has been operational since June, they said in a report published Wednesday.
“Two-factor authentication is one of the easiest ways for people to protect any online account,” researchers noted in the post. “So, of course criminals are trying to circumvent that protection.”