The 72-Hour Nightmare That Taught Me About Digital Security
Zoom image will be displayed
It started with an innocent-looking Telegram message:
“Your package is delayed. Track it here: t.me/parcel_bot”
I tapped the link—because who hasn’t waited for a package?— and instantly my phone got hotter than a frying pan. Within minutes:
- My Instagram was posting crypto scams
- My Gmail forwarded passwords to a Russian IP
- My PayPal sent $3,000 to “Electronics LLC” (which doesn’t exist)
This is how Telegram bot scams work in 2024 and how I fought my way back.
Phase 1: The Bait
The bot mimicked a legit shipping notification, complete with fake tracking numbers and a “Customer Support” option. Classic social engineering.
Phase 2: The Payload
Clicking the link installed:
- A keylogger (tracking every tap)
- A session hijacker (stealing active logins)
- A clipboard malware…