Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Flipkart. Show all posts

Diwali Shopper Beware: Cyber Experts Uncover Fake Flipkart, Amazon Sites Exploiting Festive Fervor

 


CloudSEK's threat research team has discovered a rise in malicious activities targeted at festive shoppers during the Diwali celebrations, which is a reminder of how vulnerable shoppers are to malicious activity. Cyber experts have noticed that phishing scams and fraud schemes have increased as a result of the festival season and are targeting consumers with a variety of fraudulent schemes and scams designed to take advantage of the occasion. 

Amidst the festive season of Diwali, there's a dark side lurking about the internet that needs to be addressed. A hacker team at CloudSEK has revealed that the holiday season is leading to the emergence of numerous sneaky online scams. Diwali shoppers are being hit hard by these shady schemes, especially on popular platforms to get the best deals in time for the special day. 

A series of phishing campaigns have been discovered by CloudSEK’s cyber intelligence team which is targeting the recharge and e-commerce industries to disrupt their operation. As a result of these malicious actors, prominent brands' reputations are being tarnished, causing them to cease their operations during the festive season so that they can intensify their activities using tactics such as crypto redirects and betting schemes. 

CloudSEK has recently detected 828 suspicious domains linked to phishing activities, in which the culprits attempt to deceive individuals into divulging their personal information by falsely presenting themselves as an official Facebook page. It has been reported that the head of cloud surveillance platform CloudSEK, Rishika Desai, has shed light on the spike in fake shopping websites during the Diwali celebrations this year. 

There have been reports that these scams have gone beyond mere disruption of online shopping for a customer to full-blown financial fraud that involves hackers posing as customer service representatives and swindling unknowing consumers out of their money. 

In the case of Diwali, when cybercriminals exploit the festive mood, exploiting potential lapses in vigilance among celebrants, early detection of these tactics must be explored to avoid potential repercussions. During the holiday season, many new websites have emerged with the name 'Diwali' in them, pretending to be huge Indian e-commerce sites, posing as big Indian e-commerce players. They even used tricky tricks like typosquatting to make their fake sites appear genuine. 

They changed 'shop.com' into 'shoop. Xyz - the same look, same content, just out to fool you into thinking they had done it. Newly registered Diwali domains closely mimic the brands of leading Indian e-commerce vendors, exploiting the massive demand from e-commerce consumers. 

Phishing campaigns are exploiting this demand. In particular, typosquatting techniques can create a sense of legitimacy in a less technologically advanced audience by giving these domains a sense of legitimacy. There is an interesting aspect to the fraud discovered by CloudSEK that most of these fraudulent websites featured admin panels. 

Upon receiving the report, these pages were promptly removed and reported as brand abuse. However, an error message appeared on the backend of most of these sites. The researchers at CloudSEK, along with many of their colleagues, were able to identify instances of betting redirects, including domains with keywords like 'Diwali' and 'Pooja', hosted by Megalayer in Hong Kong. 

It was discovered that fraudsters exploited the increased internet traffic during to Diwali period to redirect users to various Chinese betting sites. Cybercriminals exploit the increase in internet traffic to build malicious sites that mimic actual gambling sites to target traffic. The redirection of cryptocurrency websites was also found on social media channels, where genuine users were misled into registering with unreliable cryptocurrency websites through the use of cryptocurrency redirects.

It is common for cybercriminals to lure users to questionable crypto platforms by offering them freebies, resulting in potential financial losses. "Hackers often employ cunning tactics such as giving users freebies or bribes to lure them into creating accounts," said Rishika Desai, urging users to exercise caution, stay vigilant, and report any suspicious activity to prevent becoming victims of such frauds. 

As the festive season approaches, users are strongly advised to exercise caution, remain vigilant, and report any suspicious activities to prevent falling victim to these frauds. Once hooked, victims are gradually encouraged to deposit funds, often leading to substantial financial losses." 

There has been an e-commerce website selling jewellery identified as promoting a Trojan application and encouraging customers to download it. The domain name included the word 'Diwali', which leads to the application containing Android Trojan malware. 

Here Are Some Tips to Stay Safe This Diwali


  1. It is recommended not to open emails or messages that seem suspicious. 
  2. Clicking on links or attachments from individuals you do not know is a bad idea. 
  3. When sharing links on social media from sources users are not familiar with, they should proceed with caution. 
  4. Gift cards should be purchased from a reputable source. 
  5. It is also important to be aware of job ads that promise high salaries for minimal work. 

These might be scams and should be avoided. Send a report to the moderator so that the post can be investigated. Several digital tricksters are working in full force during Diwali, so Diwali shoppers are advised to remain vigilant. 

To keep from being victimized by online scams, it is recommended to take a little extra precaution when purchasing gifts online. As part of ensuring that a safe and joyful Diwali celebration takes place for all, it is crucial to report any suspicious activity.

Data Breach Reported by Cleartrip: User Data Traded

On July 18, the airline and hotel booking company Cleartrip had a serious data breach after hackers allegedly posted the stolen data on the dark web.

In an email to consumers, Cleartrip stated that a security anomaly had allowed for unauthorized and illegal access to some of its internal systems. The site, which is run by e-commerce major Flipkart, informed that it is still looking into the matter and that it has hired a forensic team from outside to assist it. 

"We would like to reassure you that, other than some information, no sensitive information belonging to your Cleartrip account has been compromised due to this anomaly in our systems. The investigation has thus far shown that limited information including name, email address, and phone number are thought to have been impacted," a business official stated.

The company claimed that it has notified the Indian cyber police and is planning to take legal action if necessary.

After SpiceJet disclosed that it had been the target of a ransomware attack in May, hundreds of passengers were left detained at airports all around India. According to a TechCrunch report from 2020, a security researcher was able to breach SpiceJet's servers and obtain the personal data of 1.2 million passengers, including numerous government figures.

Cleartrip is a global online travel company that also operates in Oman, Qatar, Kuwait, Bahrain, and Saudi Arabia in addition to India. This is not the first data theft that Cleartrip has experienced, a gang known as Turtle Squad hacked the website in 2017 and temporarily vandalized it, as per the reports. 



Flipkart Users to Reset Passwords to Avoid Fraud: Cyber Expert

 

A data breach occurred recently at the e-commerce sites Flipkart and BigBasket. According to reports, BigBasket's latest data breach revealed the personal information of some Flipkart customers as well. Seven months after it was first discovered, the matter has resurfaced. 

According to an independent cybersecurity expert, an alleged leaked database may lead to unauthorized transactions from accounts of Flipkart customers who also used grocery platform BigBasket with the same user ID and passwords. 

In November, BigBasket was involved in a major data breach that exposed the personal information of over 2 crore users. Some users who shared the same credentials for Flipkart and BigBasket have complained that their accounts have been compromised as a result of the leak. As of now, this is just affecting Flipkart users. 

Cybercriminals are selling sets of email addresses and passwords of customers from allegedly leaked databases of BigBasket that match with accounts of e-commerce company Flipkart and Amazon, according to expert Rajashekhar Rajaharia. However, he said Amazon sends OTP for login when there is a change in the browser. 

'It seems, some people are selling Bigbasket Email: Password combinations as Flipkart data. People are using the same password for all websites. Almost all emails are matching with Bigbasket DB (database). Change your Flipkart Passwords asap,' Rajaharia tweeted. 

He also mentioned that Flipkart's accounts should be secured and posted account details being sold on Telegram. 

'Anyone with a combination of leaked email and password can easily log in from anywhere including VPN/TOR to Flipkart. Please mandatory 2FA ( two-factor authentication) for all accounts,' Rajaharia said. 

When contacted, a Flipkart spokesperson said that the company is absolutely dedicated to ensuring the safety and protection of customer data and that the company has "robust information security systems and controls in place." 

A Flipkart spokesperson told Inc42 in response to the data breach, “In addition, we run awareness campaigns through different media and social networks to raise awareness about fraudulent activities, educating consumers on best practices for a secure online experience and keeping their accounts safe from unscrupulous cyber elements.”