Your data could be stolen by Chinese hackers through a fake gifting offer

Amid the festive cheer, companies offer significant discounts to buyers across all platforms as a part of various festive sale offers. However, scammers are using this as an opportunity to steal critical user data by duping them instead of offering free gifting offers. Cert-In (Indian Computer Emergency Response Team), India’s cyber-security team, has issued an advisory informing users against falling prey to scams offering gifts and offers.

How to avoid getting scammed

Cert-In wrote in the advisory, “Fake messages are circulated on various social media platforms (WhatsApp, Telegram, Instagram, etc.) that falsely claim a festive offer luring users into gift links and prizes. The threat actor campaign is mostly targeting women and asking to share the links among peers over WhatsApp/Telegram/Instagram accounts. The website links are mostly Chinese [.cn] domains and extensions such as .top and .xyz. These attack campaigns can effectively jeopardize the privacy and security of sensitive customer data and result in financial frauds.”

Cert-In stated that there had been various reported cases where the hackers targeted prominent brands and tricked customers into fraudulent phishing attacks and scams through a link or a message on multiple social media and messaging platforms. In addition, they offer a festive offer to attract buyers to follow the link to claim the gift coupon. The attackers then scam the unsuspecting victims into compromising their sensitive information, such as bank account details, passwords, and OTPs.

To prevent yourself from falling prey to these scams, do not browse unknown websites or click on untrusted links, never give away your login details or credit card details by email or SMS, use strong passwords, and do not share your OTP with anyone.

For more technology news, product reviews, sci-tech features and updates, keep reading Digit.in.