China-based hacking groups from GuangDong and Henan province in China have targeted online shoppers during the Flipkart festive sales.
The biggest festive sale hacking emerged via Spin The Lucky Wheel Scam that emerged within days of Flipkart announcing its Big Billion Day Sale in October, said the investigation conducted by New Delhi-based CyberPeace Foundation.
Chinese scammers used this opportunity to create a similar-looking scam called Amazon Big Billion Day Sale. Amazon actually has its festive season sales called the Great Indian Festival. Amazon is the main rival of Walmart-owned Flipkart.
Some of the Internet users in India received spurious links to click on and participate in a contest where individuals could win an OPPO F17 Pro (Matte Black, 8 GB RAM, 128 GB Storage) smartphone, IANS reported.
People who were duped into believing that they had won the phone as a prize would be asked to share the link via WhatsApp to their friends and family, the report said.
All the domain links were found registered in China specifically in the Guangdong and Henan province to an organization called Fang Xiao Qing. The hackers registered these domains on Alibaba’s cloud computing platform.
Research says India has over 100 million online shoppers and as more people come online, we expect more such scams to take place, said Vineet Kumar, founder and president, CyberPeace Foundation.
The festive online sales in India clocked $8.3 billion in the October 15-November 15 period.
The gross merchandise value (GMV) numbers increased from $5 billion last year up to $8.3 billion this year, riding on the massive orders coming from smaller cities and towns, according to consulting firm Redseer.
According to the market research firm, Flipkart Group emerged as the leader during the whole festive month with 66 percent share of the total sale.
As of today, these links are still found to be operational and active. Hackers used fake images and comments to create fake accounts on social media platforms to make the contest sound legitimate, the report said.
One of the images in these accounts has been used in the past for a call girl service in India. The comments used were also similar to each other in nature.
CyberPeace Foundation deployed open-source investigative methods to examine the links and found that all the domain links were found registered in China. The URL used for the contest redirects to multiple random sites all of which are fake.
Kumar said the information collected via scams can be used to undertake more such cyber-attacks, especially targeted at internet users in Tier 2 and Tier 3 cities where awareness about such scams are low.