Nearly one-third of Internet users in Vietnam have a Telegram account, but this popular messaging platform has also become a breeding ground for cybercriminals, with scams running rampant.
A prime example of this is a group on Telegram that openly advertises services like creating fake accounts, guaranteeing successful money withdrawals, and facilitating biometric transfers. These offers have become especially prominent since July 1st, when the new biometric verification regulations for money transfers came into effect in Vietnam.
This particular group, which has been active since 2023, boasts over 4,000 members and specializes in selling services such as account creation on demand and producing counterfeit documents. While the authenticity of these advertisements remains unverified, the group’s existence and its active participants highlight the dark underbelly of Telegram, where cybercriminals operate with alarming freedom.
Why is Telegram Being Compared to the “New Dark Web”?
The traditional hunting ground for cybercriminals has long been the dark web—a hidden realm of the internet where access requires specialized browsers like Tor and complex, elusive URLs. This shadowy environment allowed criminals to cloak their identities and personal data, evading law enforcement and keeping the majority of internet users at bay.
However, in recent years, Telegram has emerged as a new kind of dark web, where illicit activities are no longer concealed but rather conducted openly. Founded by billionaire Pavel Durov, this platform allows anyone to gain access with a simple download from the App Store, Play Store, or even through a regular web browser.
A July report from cybersecurity firm Kaspersky highlighted that “cybercriminals are increasingly using Telegram as a platform for underground market activities.” Through channels and groups, these criminals brazenly advertise services that are outright illegal—ranging from personal data and pornographic content to cyberattacks, weapons, and drugs. Kaspersky’s data shows a 53% increase in such posts on Telegram between May and June compared to the same period last year.
Experts attribute the rising popularity of Telegram among cybercriminals to three key factors: its widespread use, a perceived sense of safety, and easy searchability.
On July 23rd, Pavel Durov announced that Telegram had reached 950 million users—an increase of 50 million in just three months, nearly doubling from the 500 million users reported at the start of 2021. This rapid growth solidifies Telegram’s position as one of the most widely used platforms in the world.
Durov has repeatedly emphasized the platform’s commitment to user privacy, including its minimal data collection and near-total non-cooperation with governments. “This is believed to provide cybercriminals with a sense of safety and impunity,” noted Alexey Bannikov, an analyst at Kaspersky.
With tools like group chats and channels, criminals can easily create communities to share illegal information. These groups can host up to 200,000 members and can be easily found using Telegram’s own search function. “If someone can imagine it, Telegram almost certainly has it,” wrote Fortune.
In Vietnam, Telegram isn’t just being exploited for illegal exchanges—it’s also a hotspot for scammers preying on unsuspecting victims. This trend surged in 2023 with scams involving “collaborators” and “mission tasks.” Ngô Minh Hiếu, the founder of the Anti-Fraud Project, explained that scammers typically approach users through social media posts on platforms like Facebook, followed by direct messages or phone calls, eventually steering the conversation onto Telegram.
According to Hiếu, any messaging app could be used for such schemes, but Telegram’s appeal lies in its anonymity and the ability to erase traces through features like self-destructing messages. On Messenger, for instance, fake accounts can often be identified through their Facebook profiles. But Telegram requires nothing beyond a phone number for OTP verification—a number that can easily be rented or purchased through bulk service providers.
According to DataReportal’s early 2024 statistics, 32.6% of Internet users in Vietnam aged 16-64 are on Telegram—meaning roughly one in three people are using this popular app. However, while Telegram is loved by many for its convenience and rich features, it has also become a dangerous playground for those who are unaware of the lurking threats in the realm of cyber security.
A Pivotal Moment for Telegram
On its current trajectory, Telegram is poised to hit 1 billion users this year, with an ambitious goal of 1.5 billion by 2030, as envisioned by its founder, Pavel Durov. To sustain its independence, Durov has sought funding through bond investments, planned for an IPO, and begun selling advertisements. In an interview with the Financial Times, Durov disclosed that he had raised approximately $2 billion, alongside earning “hundreds of millions of dollars” from ad sales. Telegram is also revitalizing TON, a cryptocurrency that could be used for transactions within the app or for purchasing ads, with revenue-sharing possibilities for users. TON’s market capitalization currently stands at $15 billion, ranking it 9th globally.
However, these grand plans might face a drastic shift with Durov’s recent arrest.
On the morning of August 24th, Pavel Durov was apprehended upon his arrival in France. The OFMIN, the French agency responsible for preventing violence against minors, issued the arrest warrant, accusing Telegram of insufficient moderation and a lack of cooperation with authorities.
Telegram’s encryption features have been criticized for enabling criminal activities to go unchecked. This has led to Durov potentially being seen as complicit in drug trafficking, cyber violence, fraud, organized crime, and even terrorism incitement. The Telegram CEO now faces the possibility of a prison sentence of up to 20 years.
In a social media post on August 26th, Telegram responded by calling it “absurd” to hold the platform accountable for its misuse, asserting that they comply with European laws, including the Digital Services Act, and that their moderation practices “meet industry standards.”
