In an advisory, CERT-In, under the IT Ministry, has warned citizens that amid the festive season in the country free gift offers can be a trick by Chinese websites to steal users’ confidential information.
The government cyber cell has cautioned users against adwares targeting prominent brands and tricking customers in fraudulent phishing and scams. These attack campaigns can effectively jeopardise the privacy and security of sensitive customer data and result in financial frauds, the advisory noted.
CERT-In said, “Fake messages are in circulation on various social media platforms (WhatsApp, Telegram, Instagram, etc.) that falsely claim a festive offer luring users into gift links and prizes,” it said.
They also added that these fake messages are targeting women and asking them to share the links on their social media.
The victims are receiving messages that have a false claim of a special festive offer of prizes or money on answering a questionnaire. These messages contain a link to a phishing website that looks similar to the websites of popular brands. The attackers then entice the users to give sensitive information like personal details, passwords, bank account details, OTPs, or use it for adware, and other adversarial purposes.
The website links involved are mostly Chinese (.cn) domains and other extensions such as .top, .xyz.
With inputs from IANS