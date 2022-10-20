Diwali is just around the corner and many cyber attackers are making the full use of the opportunity to dupe users with free online Diwali gift scams. The Indian Computer Emergency Response Team (CERT-In) has reported and cautioned users about possible scams. It has been reported that a few Chinese websites are sending phishing links to users promising free Diwali gifts. However, the links are being sent with a nefarious intention of stealing user’s personal information like their bank account details, phone numbers and more.
The CERT-In issued an advisory explaining to people to stay alert from online scams. “Fake messages are in circulation on various social media platforms (WhatsApp, Instagram, Telegram etc) that falsely claim a festive offer luring users into gift links and prizes. The threat actor campaign is mostly targeting women and asks to share the link among peers on WhatsApp/Telegram/Instagram accounts," said the CERT-In advisory.
The advisory body also stated that most of these phishing websites are from China as these websites use Chinese .cn domain extensions, while others use extensions such as .xyz and .top.
CERT-In explained that users first get a link which promises them unrealistic benefits. Innocent users are lured to click on the link to claim the prizes. When the user clicks on the link, he/she is greeted with a fake congratulations message, which further pushes the user to fill in their personal details. Once all the details are filled in, the user is then asked to share them among friends and relatives to claim the prize. While trying to get a free gift, the user ends up revealing all their personal data to cyber attackers.
How to avoid online scam?