Beware of the Chinese website: Diwali gift scam to steal users’ personal information.
Beware of the Chinese website: Diwali gift scam to steal users’ personal information.
Diwali is a festival of happiness and joy, but some scammers are trying to scam people even during this festive season. They are faking about offering Diwali gifts to people and collecting their sensitive information. Everyone needs to be more alert about these websites.
With Diwali just around the corner, many online criminals are seizing the chance to trick people with fake offers of free gifts for the holiday. Users have been warned about potential scams by India’s CERT-In (Indian Computer Emergency Response Team). According to reports, a few Chinese websites are sending customers phishing URLs that claim to offer free Diwali presents. However, the URLs are being sent with the sinister goal of stealing users’ private information, including their phone numbers, bank account information, and more.
During the festive season, messages advertising deals that seem too good to be true must be overflowing inbox folders, and these offers are frequently from mysterious vendors. A rise in online engagement and digital transactions has also increased cyber fraud, with 1.5 crore phishing assaults targeting Indians in the second quarter of this year.
Additionally, the country has imposed sanctions on Chinese marketplaces like Shein and AliExpress due to security concerns. It appears that more Chinese websites are utilizing free Diwali gifts to entice Indian customers to provide their information.
People now begin their internet shopping at home before Diwali arrives, and many emails and messages also appear during this time to defraud clients with free Diwali presents. Fraudsters have started taking advantage of people under the guise of free Diwali gifts. If you have also received such emails or messages, you should exercise caution.
There is a strong likelihood that any social media connections to websites that offer free Diwali gifts are attempts to steal your personal information. An alert released by the Indian Computer Emergency Response Team (CERT-In) claims that customers are being targeted with links that go to Chinese websites that potentially steal sensitive data, including banking information.
Fake messages purporting to be festive offers are spreading on a number of social media platforms (WhatsApp, Instagram, Telegram, etc.), tricking users into clicking on gift links and winning raffle tickets. The threat actor campaign primarily targets women and invites them to share the link with their peers on WhatsApp, Telegram, and Instagram accounts, according to the CERT-In report.
How to identify these frauds?
The information was disclosed in a warning sent by India’s Computer Emergency Response Team to consumers about links that could lead them to questionable Chinese websites. These text messages, Instagram, WhatsApp, Telegram, and other social media platforms are used to distribute these URL advertising gifts. During the holiday season, the scam primarily targets women and forces them to forward the texts to their friends and relatives.
Once on the website, the victim is prompted to complete a form with banking information and other personal data. After being prompted to select a gift, they are then presented with a message instructing them to share the link to claim their prize. The CERT-In has warned consumers not to click on suspicious-looking websites and has labeled links with the extensions .cn for China and .xyz or .top as potentially dangerous.
Phishing happens when a caller or message pretends to be a bank representative in order to obtain your account and credit card information before requesting your one-time password. This is a scam used by scammers to drain a sizable sum of money from the account by drawing people in with alluring offers. As individuals have grown more skeptical of calls over the past few years, phishing assaults have adopted a new method of operation that includes emails and phony e-commerce sites.
Stay safe from these website links
Be careful not to click on any links that direct you to shady websites if you want to avoid falling victim to such frauds. You should double-check to be sure a link isn’t a variant even if it appears to lead to a legitimate website. You can check the website’s legitimacy using Google or another search engine if you have any concerns.
So, keep that in mind, reputable companies won’t ask for your login information, credit card information, or other credentials through surveys. Don’t give out your personal information to anyone unless they have a reliable website, and use caution in general.
Set transfer restrictions for UPI and other transactions through your bank since such attacks frequently include fake financial activities to minimize any risk you may have.
Along with being cautious when using such websites, customers can avoid fraud by keeping an eye out for messages that request their credit card number or other personal information after promising inflated discounts and benefits. Setting transaction limits for online transactions made with cards and payment apps can also help you minimize the harm in the event that a phishing attempt targeting bank accounts is successful. More than 13,000 cyber fraud cases, including incidents like a teacher being defrauded after merely opening a WhatsApp link, cost Indians money in FY22, according to the RBI.
edited and proofread by nikita sharma