It has been reported that a few Chinese websites are sending phishing links to users promising free Diwali gifts. The threat actor campaign is mostly targeting women and asks to share the link among peers on social media accounts.
These fake messages are circulating on various social media platforms like WhatsApp, Instagram, Telegram etc. The links are being sent with an intention of stealing users’ personal information like their bank account details, phone numbers and more.
The Indian Computer Emergency Response Team (CERT-In) also explained that most of these phishing websites are from China as these websites use Chinese .cn domain extensions, while others use extensions such as .xyz and .top.
Users first get a link which promises them unrealistic benefits. Innocent users are lured to click on the link to claim the prizes. When the user clicks on the link, he/she is greeted with a fake congratulations message, which further pushes the user to fill in their personal details. Once all the details are filled in, the user is then asked to share them among friends and relatives to claim the prize. While trying to get a free gift, the user ends up revealing all their personal data to hackers.
Users need to be cautious of links that do not appear genuine. They should always check the source and whether the link is framed properly. The domain name should always be checked and should be avoided to click if the link seems to be from an invalid source. And even if you end up clicking on the link, you should never reveal your personal data.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
