Amidst the surging Telegram scams ravaging users across India, Quick Heal Technologies Limited, a global provider of cybersecurity solutions, has identified some deeply concerning trends. An increasing number of fraudsters continue to exploit the platform’s encrypted channels to peddle fake investment schemes, lottery wins and job offers that drain bank accounts and steal identities through phishing links and malware-laden files. According to the Indian Cybercrime Coordination Centre, over ₹1,100 crore were lost to digital-arrest and investment frauds in the first half of 2025 alone. A significant portion of these scams originating from Telegram bots and private groups masquerading as legitimate trading tips or government aid.
Researchers at Seqrite Labs, India’s largest malware analysis facility, reveal that attackers initiate contact by flooding public channels with enticing messages promising quick riches via crypto trades or stock tips, then shift victims to private chats for personalised pressure tactics including deepfake videos of supposed profits and urgent calls to transfer funds. The researchers also uncovered sophisticated variants like “pig butchering” operations where scammers build trust over weeks before deploying QR codes that siphon UPI payments or install trojans disguised as trading apps. High-profile cases, such as the ₹50 crore recovery from a Telegram-led sextortion ring in Delhi, highlight the platform’s role as a scam epicentre, blending social engineering with undetectable file shares to bypass traditional filters.
Telegram’s end-to-end encryption shields criminal coordination. At the same time, its vast user base in India – over 200 million active accounts – provides fertile ground for mass deception. Complacency around “private” chats leaves users vulnerable to account takeovers and ransomware, urging immediate vigilance against unsolicited investment pitches or demands for personal details. Seqrite Labs’ ongoing monitoring reveals scammers now using AI-generated voices and cloned profiles to mimic family members or officials, amplifying the psychological manipulation.
Quick Heal’s latest version26, which now comes with the cutting-edge AntiFraud.AI integrated in it, stands as powerful countermeasures. Quick Heal version26 delivers real-time behavioural analysis to block Telegram phishing payloads and malicious downloads at the endpoint, while AntiFraud.AI employs advanced machine learning to detect scam patterns in messages, links and files before they execute. These solutions proactively combat threats across mobile devices and desktops, empowering users to reclaim control amid rising scams on Telegram and other such platforms.
Quick Heal Technologies Limited advises users to treat every unsolicited Telegram message as hostile: never click links, scan QR codes or download files from strangers, and verify claims directly through official channels like bank apps or verified websites. Enabling two-factor authentication on Telegram, muting unknown group invites and reporting suspicious channels via the app’s tools can disrupt fraudster networks, while avoiding sharing OTPs or financial details remains non-negotiable. If ensnared, users should freeze bank accounts instantly, report to cybercrime.gov.in and preserve chat screenshots as evidence for police action.
