The inner details
The CERT-IN has said that this threat actor is mostly targeting women by asking them for sharing links on social media among their peers The Centre is repeatedly warning users against some malicious festival-based campaign that is eyeing customers in form of links for Diwali gifts or prizes. A number of fake messages are being circulated on social media such as WhatsApp, Telegram plus Instagram. According to news from CERT-IN, a user receives some message containing the link to the phishing website on lines of those of popular brands.
An official word
The advisory states, “The customer will be lured with a false claim of a special festive offer on answering a questionnaire through which one can win money and prizes. The attackers entice the users to give sensitive information like personal details, bank account details, passwords, OTPs, or use it for adware and other adversarial purposes.” CERT-In also.mentioned that such website links belong to Chinese domains like .cn or .top and .xyz. Now, the Centre has clearly mentioned some Dos and Donts to keep in mind-
- Avoid browsing any untrusted websites and refrain from clicking any untrusted links. Exercise caution as you click on some link from any unsolicited email or message.
- Always click on those URLs that indicate a website’s domain.
- Legitimate organisations never ask you for any login credentials or card details via emails or SMS.
- Look out for any suspicious numbers that might indicate a scam.
- Download applications from verified app store only.
An end note
Arm yourself with these tips and stay safe from being scammed this festive season. Happy Diwali.
