Chinese websites may steal users’ data via fake gift offers

In an advisory, CERT-In, under the IT Ministry, cautioned users against adwares targeting prominent brands and tricking customers in fraudulent phishing and scams.

“Fake messages are in circulation on various social media platforms (WhatsApp, Telegram, Instagram, etc.) that falsely claim a festive offer luring users into gift links and prizes,” it said.

“The threat actor campaign is mostly targeting women and asking to share the links among peers over WhatsApp/Telegram/Instagram accounts,” it added.

The victim receives a message containing a link to a phishing website similar to the websites of popular brands, and are lured with a false claim of a special festive offer of prizes or money on answering a questionnaire. The attackers then entice the users to give sensitive information like personal details, bank account details, passwords, OTPs, or use it for adware, and other adversarial purposes. The website links involved are mostly Chinese (.cn) domains and other extensions such as .top, .xyz.

These attack campaigns can effectively jeopardise the privacy and security of sensitive customer data and result in financial frauds, the advisory noted.

Disclaimer: This story is auto-aggregated by a computer program and has not been created or edited by FreshersLIVE.Publisher : IANS-Media

Leave a Comment

Your email address will not be published. Required fields are marked *