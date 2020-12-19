-
Hackers from the Guangdong and Henan provinces in China targeted millions of Indians with shopping scams during the e-commerce festive season sales in October and November, according to a report by CyberPeace Foundation, a cybersecurity think tank.
The hackers created bogus links and asked internet users to click on them to participate in online contests and win prizes. The links were distributed through WhatsApp messages and it is believed they have been sent to many people. Some of these scam contests imitated the actual sales campaigns run by Amazon and Flipkart to make them look genuine and trick the consumers.
CyberPeace said while the recently concluded festive season was a great success for e-commerce players, hackers used the opportunity to scam millions of Indian users with the “Big Billion Days Spin the Lucky Wheel Scam”. An investigation conducted by CyberPeace Foundation reveals that Chinese fraudsters and hackers were responsible for creating these cyber-attacks, which were then maliciously spread via WhatsApp and targeted gullible e-commerce users with free products offer.
“E-commerce scams are not new but what’s more alarming is the covert cyber warfare the Chinese entities are launching in India on a repeated basis,” said Vineet Kumar, founder and president, CyberPeace Foundation.
He said ‘Spin the Wheel’ scam is not a new phenomenon and has been around for over a couple of years. Research states that India has over 100 million online shoppers and as more people come online, Kumar said more such scams are expected to take place. “The information collected via these scams can be used to undertake more such cyber-attacks, especially targeted at internet users in Tier-II and Tier-III cities where awareness about such scams are low,” said Kumar.
CyberPeace said ‘Spin The Lucky Wheel Scam’ emerged within days of Flipkart announcing its Big Billion Days (BBD) sale. Chinese scammers used this opportunity to create a similar-looking scam called ‘Amazon Big Billion Day Sale’. Internet users in India were sent spurious links to click on and participate in a contest where individuals could win an OPPO F17 Pro smartphone. People who were duped into believing that they had won the phone as a prize would be asked to share the link via WhatsApp to their friends and family.
CyberPeace Foundation deployed open-source investigative methods to examine the links. All the domain links were found registered in China, specifically in Guangdong and Henan provinces, to an organisation called Fang Xiao Qing. The hackers registered these domains on Alibaba’s Cloud computing platform, according to CyberPeace. Hackers hosted these links across Belgium and the US. As of today, these links are still found to be operational and active.
