As India gears up to celebrate the joyous occasion of Diwali, Chinese websites and organised cybercriminal gangs based out of China seem to have made plans to make it gloomy, financially that it, for gullible Indians not well-versed with modern information technology and digital payments.
Indian computer emergency response team (CERT-In), which has been mandated by the Union government to look after Indian cyber security issues, has issued an advisory for people to be wary of fake messages in circulation on social media which are linked to external websites with Chinese domains.
These fake messages are usually circulated on WhatsApp and Instagram. They typically mention claims of festive offers, along with a link to an external website, which is a bait to lure the unsuspecting user to a bogus Chinese website or right into the lap of a group of Chinese cybercriminals.
According to CERT-In, the threat actors behind these campaigns are mostly “targeting women and asking them to share the link among peers on WhatsApp/Telegram/Instagram accounts.”
“The website links involved here are mostly Chinese with .cn domains and other domains, such as .top, .xyz. These attack campaigns can effectively jeopardise the privacy and security of sensitive customer data and result in financial frauds,” CERT-In said in its advisory.
Satnam Narang, senior staff research engineer, Tenable, a US-based cyber security company, says that festive holidays, such as Diwali provide cyber scammers with a perfect hook to capture the attention of potential victims through the offer of Diwali gifts, both in cash or kind.
“Many of the scams targeting users in India and around the world about Diwali seem to be phishing for your personal information, including your physical address,” Narang adds.
Narang says that “the timeless advice of there being no such thing as a free lunch holds true in this case, too,” and should be the first sign of a red flag if things seem too good to be true.
“There’s no such thing as a free lunch, and in this case, there’s no free gift or money waiting for you. If you receive such messages on your social networks or on WhatsApp, please don’t provide any sensitive information or forward it to friends.”
Picture showing the Chinese cyber security scam campaign with a Chinese domain extension. Source: CERT-In
How To Stay Safe From This Type of Cyber Scam Campaigns?
Circulating fake messages is just one of the many ways in which hackers are executing these scams. There are other modus operandi, too.
In light of this, here are a few basics you should follow to stay safe, according to cyber security experts.
Watch The Address Bar of Your Browser For Security Certificate – Https: Pinakin Dave, country manager (India and SAARC region) at OneSpan, a Chicago-based cyber security company, says that most genuine websites will have a valid security certificate, and their url will start with https, not http.
“If people are clicking on forwarded links and see that the website is http, then it means that the data passing through the website and your system is not encrypted, and it can be intercepted mid-way by any third party,” Dave adds.
Names Might Be Common, But Domain Extensions Unknown – So Notice Changes: Karmesh Gupta, CEO and co-founder, WiJungle, a Haryana-based cyber security company, pointed out that people sometimes fail to do proper scrutiny once they see a familiar sounding website. But what they should also notice is the “domain extension.”
Gupta explains with an example. “When people are on websites, they should carefully see the domain extension. For instance, it should be flipkart.com and not any other .domains. Likewise, people should see the full website name and then notice its interface, because there is a chance that the fake website has copied the interface to look like the genuine one, but there will always be certain experiences that they failed to copy or made different from the original.
“These fraud websites have a deceiving interface. They tend to look similar to the original ones, but once you log into them, they are totally different,” Gupta says.
Do Not Click On External App Download Links: Android Play Store and iOS App Store have a secure and robust app listing process. But Android also has a feature that allows downloading an App using apk (android package installer) through a link.
Dave suggests users to be vigilant while doing that, since there is a high chance that the App developer is a fly-by-night operator, meaning it is here now but after the operation (hacking) is over, the App will be removed.
