Telegram - Who Needs Onions..

Telegram has by and large become the most popular dark-web alternative. The days of needing a technical savvy to download Tor and use the onion router to then discover the IP address of a website hosting whatever illicit content you were looking for are gone.

For those of you who are unaware of what Telegram is, it is simply an end-to-end encrypted messaging platform—much like WhatsApp. In Telegram you can have large group chats and also represent yourself with minimal information which lends towards anonymity.

Every single criminal involved in identity theft (from the small independent scammers to the multi-million dollar scammers) use Telegram to buy/sell PII, buy fake IDs, and also communicate with each other. In fact, a typical digital evidence review post-arrest would result in most native messaging content featuring messages between conspirators like, “Check Telle,” “Ima hit you on Telle,” etc.

Telegram has become a thriving marketplace and offers a significant amount of products to include: stolen checks, counterfeiting services, data broker services using bots and scripts, credit card numbers, full banking information, etc. The information available to these scammers of the victims is so complete that it has been making the subsequent catching of the criminals that much harder on scene since they’ll oftentimes have a rehearsed knowledge of the victim knowing Social Security Numbers, phone numbers, relatives’ names, address history and more. In addition to that, the information being placed on the counterfeit IDs they’re making has become extremely specific, getting the driver’s license number, address, date of birth, issue/expiry date correct. 

All of this is simply to say that the information available for sale on Telegram has made the job of the scammer infinitely more easy and has really done a great job at compartmentalizing fraud for these scammers.

Through Telegram, I’ve even noticed that criminals are getting into their own markets. For example, I’ve found that some criminals just engage in bank account opens and will age the accounts with moderate deposits and withdrawals over the course of a 1 month, 6 months, to a year. The reason for this is that accounts that have been well aged and have some history will bear less risk to banks (generally) and have fewer deposit and withdrawal restrictions as it has been vetted. So these criminals will make these  accounts using mules as the person who opened them and then just sell the aged accounts online. I’ve seen the aged accounts going for as much as $5,000 for an account that has been opened for a year.

This marketplace has created an immense and broad opportunity for scammers while making it easier than ever to commit identity theft. Now, you can buy a bank account online, buy stolen checks online, and then just deposit them and pull the withdrawals with minimal effort.

On top of all of that, what we’re also seeing is a ton of training and pdfs being created on how to scam. Never before has knowledge and information been so readily and easily available. Telegram has truly made accessibility to scamming unprecedented and has been a legitimate challenge to law enforcement due to the fact that it is encrypted and there is so little information required upon sign up.

A final note on a more comical side, we have also seen a few instances of scammers scamming each other on Telegram. So, perhaps some poetic justice and comfort in knowing that it isn’t entirely easy for these scammers and they’re making it difficult for themselves.