Festive seasons are a time for celebration, connection, and goodwill. But while organisations and employees prepare for Hari Raya, cybercriminals are preparing for something else — opportunity.
As reported by NST, cybersecurity firm Kaspersky has warned of a new wave of Ramadan-themed scams circulating online in Malaysia, in which fraudsters impersonate government aid programmes to hijack users’ Telegram accounts.
These attacks are not random. They are carefully designed to exploit trust, urgency, and human behaviour — making them far more dangerous than traditional cyber threats.
For organisations, this is no longer just a personal cybersecurity issue. It is a business risk that can lead to financial loss, data breaches, and reputational damage.
The Rise of Festive-Themed Social Engineering Attacks
Cybercriminals understand one key fact: people are more vulnerable during festive periods.
During Ramadan and the Hari Raya season:
- Employees are more distracted and less likely to scrutinise messages
- There is increased anticipation of financial aid, bonuses, or promotions
- Messages related to “Bantuan” or festive support appear more believable
- Attackers exploit urgency with phrases like “limited time” or “claim now”
In the recent campaign, scammers used fake Ramadan aid offers to trick victims into sharing personal details and verification codes — ultimately leading to Telegram account hijacking.
This shows a clear shift: attackers are no longer just targeting systems — they are targeting timing and emotion.
How Telegram Account Hijacking Works
These attacks are simple, fast, and highly effective.
A typical attack flow looks like this:
- Victim receives a message or link promoting “Ramadan aid”
- The link leads to a fake website impersonating a legitimate source
- The victim enters their phone number and personal details
- A Telegram verification (OTP) is triggered
- The victim unknowingly shares the OTP with the attacker
Within minutes, the attacker gains full control of the victim’s Telegram account.
Once inside, they:
- Send phishing messages to the victim’s contacts
- Spread malicious links through trusted conversations
- Expand the attack across personal and business networks
Because the messages come from a known and trusted contact, the likelihood of others falling victim increases significantly.
Why Employees Are the Weakest Link
Modern cyberattacks are no longer just technical — they are psychological.
Social engineering tactics used in these attacks include:
- Authority: Impersonating government agencies or company representatives
- Urgency: Pressuring victims to act quickly without thinking
- Trust: Leveraging familiar names or known contacts
- Incentives: Offering financial aid or rewards
Employees are often targeted because they:
- Have access to internal systems and sensitive information
- Are part of trusted communication networks
- May not be trained to recognise advanced phishing tactics
This is why even a single compromised account can quickly escalate into a wider organisational threat.
The Real Business Impact
Many organisations underestimate phishing and social engineering attacks, assuming they only affect individuals.
In reality, the consequences can be severe:
- Compromised accounts can lead to unauthorised system access
- Sensitive data may be exposed or stolen
- Attackers may launch internal scams (e.g. fake payment requests)
- Organisations risk regulatory penalties and compliance issues
- Brand reputation can be damaged if clients or partners are affected
What starts as a simple phishing attempt can quickly evolve into a full-scale cybersecurity incident.
What Organisations Should Do Now
To effectively defend against phishing and social engineering attacks, organisations must go beyond basic security tools.
Key steps include:
- Security Awareness Training
Regular training helps employees recognise and respond to phishing attempts - Phishing Simulations
Testing employees with real-world scenarios improves preparedness - Multi-Factor Authentication (MFA)
Adds an extra layer of protection against account takeovers - Clear Reporting Processes
Employees should know exactly how to report suspicious emails or messages - Strong Security Controls
Implement email filtering, endpoint protection, and monitoring solutions
The goal is simple: build a culture where employees pause, verify, and think before they click.
Conclusion: Cybersecurity Is a Human Problem
The recent Telegram hijacking scams highlight an important reality — cybercriminals are no longer just attacking systems. They are exploiting human trust.
Festive periods like Ramadan and Hari Raya create the perfect environment for these attacks to succeed.
Organisations that fail to address this risk will continue to face:
- Avoidable security incidents
- Financial losses
- Operational disruptions
Cybersecurity today is not just about technology. It is about people, behaviour, and awareness.
Take Action Today
Don’t wait for an incident to happen.
At Condition Zebra, we provide a structured approach to help organisations identify risks, respond to threats, and build strong security awareness across all levels.
Our approach combines technical assessments, continuous monitoring, and practical training to strengthen your overall cybersecurity posture.
• Vulnerability Assessment & Penetration Testing (VAPT) – Identify weaknesses across applications, networks, and systems before they can be exploited.
• Managed Detection & Response (MDR) – 24/7 monitoring to detect, investigate, and respond to threats in real time.
• Security Awareness Training – Equip employees to recognise and prevent phishing and social engineering attacks.
• Cybersecurity Training (Online or In-Person) – Covering areas such as Network/Web Penetration Testing and Digital Forensics.
📩 Contact us for a free consultation to learn how our solutions can protect your organisation.
Sources:
Cybercriminals target Telegram accounts during festive season, says Kaspersky
Share this: