CloudSEK's threat research team has discovered a rise in malicious activities targeted at festive shoppers during the Diwali celebrations, which is a reminder of how vulnerable shoppers are to malicious activity. Cyber experts have noticed that phishing scams and fraud schemes have increased as a result of the festival season and are targeting consumers with a variety of fraudulent schemes and scams designed to take advantage of the occasion.
Amidst the festive season of Diwali, there's a dark side lurking about the internet that needs to be addressed. A hacker team at CloudSEK has revealed that the holiday season is leading to the emergence of numerous sneaky online scams. Diwali shoppers are being hit hard by these shady schemes, especially on popular platforms to get the best deals in time for the special day.
A series of phishing campaigns have been discovered by CloudSEK’s cyber intelligence team which is targeting the recharge and e-commerce industries to disrupt their operation. As a result of these malicious actors, prominent brands' reputations are being tarnished, causing them to cease their operations during the festive season so that they can intensify their activities using tactics such as crypto redirects and betting schemes.
CloudSEK has recently detected 828 suspicious domains linked to phishing activities, in which the culprits attempt to deceive individuals into divulging their personal information by falsely presenting themselves as an official Facebook page. It has been reported that the head of cloud surveillance platform CloudSEK, Rishika Desai, has shed light on the spike in fake shopping websites during the Diwali celebrations this year.
There have been reports that these scams have gone beyond mere disruption of online shopping for a customer to full-blown financial fraud that involves hackers posing as customer service representatives and swindling unknowing consumers out of their money.
In the case of Diwali, when cybercriminals exploit the festive mood, exploiting potential lapses in vigilance among celebrants, early detection of these tactics must be explored to avoid potential repercussions.
During the holiday season, many new websites have emerged with the name 'Diwali' in them, pretending to be huge Indian e-commerce sites, posing as big Indian e-commerce players. They even used tricky tricks like typosquatting to make their fake sites appear genuine.
They changed 'shop.com' into 'shoop. Xyz - the same look, same content, just out to fool you into thinking they had done it.
Newly registered Diwali domains closely mimic the brands of leading Indian e-commerce vendors, exploiting the massive demand from e-commerce consumers.
Phishing campaigns are exploiting this demand. In particular, typosquatting techniques can create a sense of legitimacy in a less technologically advanced audience by giving these domains a sense of legitimacy.
There is an interesting aspect to the fraud discovered by CloudSEK that most of these fraudulent websites featured admin panels.
Upon receiving the report, these pages were promptly removed and reported as brand abuse. However, an error message appeared on the backend of most of these sites.
The researchers at CloudSEK, along with many of their colleagues, were able to identify instances of betting redirects, including domains with keywords like 'Diwali' and 'Pooja', hosted by Megalayer in Hong Kong.
It was discovered that fraudsters exploited the increased internet traffic during to Diwali period to redirect users to various Chinese betting sites. Cybercriminals exploit the increase in internet traffic to build malicious sites that mimic actual gambling sites to target traffic.
The redirection of cryptocurrency websites was also found on social media channels, where genuine users were misled into registering with unreliable cryptocurrency websites through the use of cryptocurrency redirects.
It is common for cybercriminals to lure users to questionable crypto platforms by offering them freebies, resulting in potential financial losses.
"Hackers often employ cunning tactics such as giving users freebies or bribes to lure them into creating accounts," said Rishika Desai, urging users to exercise caution, stay vigilant, and report any suspicious activity to prevent becoming victims of such frauds.
As the festive season approaches, users are strongly advised to exercise caution, remain vigilant, and report any suspicious activities to prevent falling victim to these frauds. Once hooked, victims are gradually encouraged to deposit funds, often leading to substantial financial losses."
There has been an e-commerce website selling jewellery identified as promoting a Trojan application and encouraging customers to download it. The domain name included the word 'Diwali', which leads to the application containing Android Trojan malware.
Here Are Some Tips to Stay Safe This Diwali
- It is recommended not to open emails or messages that seem suspicious.
- Clicking on links or attachments from individuals you do not know is a bad idea.
- When sharing links on social media from sources users are not familiar with, they should proceed with caution.
- Gift cards should be purchased from a reputable source.
- It is also important to be aware of job ads that promise high salaries for minimal work.
These might be scams and should be avoided. Send a report to the moderator so that the post can be investigated.
Several digital tricksters are working in full force during Diwali, so Diwali shoppers are advised to remain vigilant.
To keep from being victimized by online scams, it is recommended to take a little extra precaution when purchasing gifts online. As part of ensuring that a safe and joyful Diwali celebration takes place for all, it is crucial to report any suspicious activity.