Fake “Bantuan Ramadan” Scams Used to Hijack Telegram Accounts in Malaysia, Says Kaspersky
Kaspersky’s cybersecurity researchers have identified Ramadan-themed scams circulating online that impersonate government aid programmes and attempt to steal users’ credentials from Telegram accounts.
How the Scam Works
In one campaign observed by Kaspersky, scammers use a page posing as a “Bantuan Ramadan RM500” aid offer, prompting victims to submit their personal details and phone numbers linked to their Telegram accounts under the pretext of checking eligibility for festive financial assistance.
The primary objective of such a scheme is often account hijacking instead of committing financial theft at the first stage. Once attackers gain access to a victim’s Telegram account, they may use it to spread scam messages or malicious links to contacts, allowing the fraud to scale through trusted social circles.
Festive and financial aid disbursement periods are frequently exploited by cybercriminals, who mimic the language,
visual design and tone of official announcements to make scams harder for users to distinguish from official communications.
Festive-themed scams are part of a wider cyber threat landscape affecting internet users in Malaysia.
According to Kaspersky telemetry, a total of 18,875,669 different web-borne cyberthreats were detected locally throughout 2025, highlighting the scale of persistent risks Malaysians face online.
Malaysian authorities have also warned the public about a range of Ramadan-related scams circulating online. In a recent advisory, the National Security Council (Majlis Keselamatan Negara, MKN) highlighted several tactics used by scammers during the fasting month, including fake financial assistance schemes such as “e-Tunai” offers, phishing messages disguised as iftar invitations or promotions, fraudulent zakat and donation appeals, as well as “belanja raya” scams that promise festive rewards and financial support.
“People often believe they can recognise scams instinctively, but modern scams and phishing schemes are designed to exploit that assumption. With advances in technology, cybercriminals can mimic websites of trusted brands, organisations and familiar narratives, making fraudulent messages appear convincing at first glance. This is why having a dedicated cybersecurity protection on smartphones and computers is increasingly important, as security solutions can help detect malicious links, phishing attempts and suspicious apps before they cause harm,” said Simon Tung, General Manager for ASEAN and Asia Emerging Countries (AEC) at Kaspersky.
To stay safe from online scams during the Ramadan period, Kaspersky recommends: –
Verify before clicking: Avoid clicking on links sent by unknown accounts on messengers, social media accounts or suspicious emails, especially those offering financial assistance or festive rewards.
Check suspicious numbers or accounts: Use trusted anti-scam resources such as the Semak Mule portal to verify whether a bank account or phone number has been reported for fraudulent activities.
Call 997: If you fall victim to scams, immediately contact the National Scam Response Centre (NSRC) by calling 997, which operates 24 hours a day to help victims respond quickly.
Install trusted security software: A reliable cybersecurity solution can help detect and block phishing attempts and malicious links in real time. The Kaspersky Premium provides comprehensive protection against web and on-device threats, blocks malicious links, and monitors data leaks.
To help Malaysians better protect themselves against ever-changing cyber threats, Kaspersky is offering up to 19% off Kaspersky Premium plans this Ramadan and Hari Raya. Every eligible purchase made before 31 March 2026 also comes with a free RM30 TNG Reload Pin.
