New Delhi,UPDATED: Nov 10, 2023 09:46 IST
As the Diwali festivities light up, there’s a dark side lurking online. CloudSEK’s cyber researchers have unearthed a surge in sneaky online scams preying on the festive cheer. These shady schemes are hitting Diwali shoppers hard, especially on popular platforms like Flipkart and Amazon.
What’s the deal? Well, CloudSEK’s team uncovered a bunch of phishing campaigns that aim to mess with recharge and e-commerce sectors. These bad actors are out to spoil the names of big brands, using tactics like crypto redirects and betting schemes to ramp up their game during the festive season.
Just last week, the CloudSEK squad dug up a whopping 828 dodgy domains from the Facebook Ads Library. These domains were all about phishing, trying to trick people into revealing their info. Rishika Desai, the head honcho of cyber intelligence at CloudSEK, spilled the beans on the surge of fake shopping websites this year. She warns that these scams can go beyond just messing with your online shopping – they can turn into full-blown financial fraud. Hackers might even pretend to be customer service reps to fool unsuspecting shoppers.
Why does this matter? Well, spotting these tricks early can save a lot of people from getting scammed during the Diwali season. Cybercriminals are savvy – they know people are in a festive mood and might let their guard down.
Now, let’s talk about the tricks these scammers are using. With everyone going crazy for Diwali shopping, a bunch of new websites with ‘Diwali’ in their name popped up, pretending to be big Indian e-commerce players. They even used tricky tactics like typosquatting to make their fake sites look legit. For instance, they turned ‘shop.com’ into ‘shoop.xyz’ – same look, same content, just out to trick you.
The CloudSEK team took action, reporting these fake sites to the authorities, but here’s the kicker – most of these scammy sites had an admin panel. Even though the sites were taken down, an error message on the backend hinted at something fishy.
But that’s not all – there’s a whole betting game going on too. Websites with keywords like ‘Diwali’ and ‘Pooja’ were found hosting in Hong Kong and redirecting to Chinese betting pages. Cybercriminals love Diwali because it’s the perfect time to lure unsuspecting users with fake gambling sites.
And here’s the cherry on top – cryptocurrency scams. On social media, users were being tricked into registering on sketchy crypto websites with promises of Diwali freebies. These scammers know how to make a tempting offer, like free life insurance and special coins, to get users to sign up for dubious crypto platforms.
Rishika Desai warns, “There can be multiple instances similar to this found online, where users are leveraging Diwali freebies to get maximum registrations to such questionable crypto platforms.”
Stay sharp, Diwali shoppers! These cyber tricksters are out in full force, and a little extra caution can go a long way in keeping your festivities scam-free. Report anything fishy, and let’s make this Diwali a safe and joyful one!