On Thursday, cyber-security researchers in India announced the discovery of a malicious free present marketing campaign managed by China-based hackers to gather personal user data. The marketing campaign is pretending to be an offer from Tata Motors, the biggest automobile manufacturing company in India, reports IANS.
The analysis workforce at New Delhi-based CyberPeace Foundation received some malicious links via WhatsApp, related to a free gift offer from Tata Motors, accumulating personal information about customers together with their browser and system information.
“The campaign is pretended to be an offer from Tata Motors but hosted on the third-party domain instead of the official website of Tata Motors which makes it more suspicious,” the research team stated.
This malicious campaign being operated on a fake website is titled “Tata Motors Cars, Celebrates sales exceeding 30 million”. On the landing page, a congratulations message is displayed with an attractive photo of a Tata Safari car. Users are asked to participate in a quick survey to get a free TATA Safari vehicle.
“Also, at the bottom of this page, a section comes up which seems to be a Facebook comment section where many users have commented about how the offer is beneficial,” the researchers revealed.
After clicking the OK button, users are given three chances to win the prize.
After finishing all the attempts, it says that the user has won “TATA SAFARI”.
“Congratulations! You did it! You won the TATA SAFARI!” Clicking on the ‘OK’ button, it then instructs users to share the campaign with friends on WhatsApp. The user doesn’t actually end up winning the car, the page simply keeps redirecting the user to multiple advertisements webpages. The Foundation recommended that people avoid opening such messages sent via social platforms.
According to the researchers, hackers are using Cloudflare technologies to hide the real IP addresses of the front-end domain names used in the free gifts from Tata Motors campaign.
The CyberPeace Foundation, a think tank and non-governmental organization of experts in the field of cybersecurity and policy, has collaborated with Autobot Infosec Private Limited to investigate this realization that these sites are online fraud.
