CERT- In, the country’s top cyber security agency has advised against Chinese Websites Scams offering Festive gift that are to steal users data through fake website links through Message.
These attacks can effectively jeopardise the privacy and security of sensitive customer data and result in financial frauds.
CERT-In
Diwali Festive Gift offers by Chinese Websites
If you have got social media links to websites that promise free Diwali gifts, there’s a good chance that the link is from a website trying to steal your information. According to an warning issued by the Indian Computer Emergency Response Team( CERT- In), recievers are being targeted with links that lead to Chinese websites that can steal important information, including banking details.
Fake dispatches are circulating on different social media platforms( WhatsApp, Instagram, Telegrametc.) falsely claiming special festival offers to tempt receivers in gift links and prizes. The trouble Actor scam is generally targeting women and asks for sharing of links among peers on WhatsApp/ Telegram/ Instagram accounts.
said the CERT- in advisory
The National Cyber Security Agency said that maximum number of these websites use the Chinese. cn tld extension, while others use extensions like as. xyz and. top.
How it works
First, the people receives a message containing this link. It may have come from other victims who have been asked to send the link with their buddies and family. Once a receiver clicks on the link, they’re first welcomed by a false” congratulation” greetings. Next, they’re asked to fill in the details in a questionnaire.
After the victim fills out a questionnaire, they’re asked to choose a” gift” from a set of products & prizes. Once a user does so, they’re greeted by another false congratulatory message asking them to send the message with buddies and groups on WhatsApp or other social media platforms to claim the prize.
How to avoid this fraud
To avoid similar frauds, first of all, you need to make sure that you don’t click on a link from a website that you don’t trust. Indeed if a link looks like it’ll take you to a licit website, double- check to make sure it is not a variation of some-form. However, get query of websites on Google or other search engines to see if they’re safe, If you have any suspicions.
Flash back that safe associations won’t ask for your login details, credit card number or other credentials through the questionnaire. Also, make sure that you keep your own information private and don’t share it unless it’s with licit websites.
Avoid Financial Risk
Since similar attacks commonly involve fraudulent monetary transactions, set transfer limits for UPI and other transactions through your bank so that you can alleviate any risks you may have.
