China-based hacking groups are leaving no stone unturned inattacking Indians and a new report revealed on Friday that fraudsters fromGuangDong and Henan province in China targeted online shoppers during therecord-breaking Flipkart festive season sales.
The biggest festive sale hacking emerged via 'Spin The LuckyWheel Scam' that emerged within days of Flipkart announcing its 'Big BillionDay Sale' in the month of October, said the investigation conducted by NewDelhi-based CyberPeace Foundation.
Chinese scammers used this opportunity to create asimilar-looking scam called 'Amazon Big Billion Day Sale' (Amazon actually hasits festive season sales called the 'Great Indian Festival').
Internet users in India were sent spurious links to click onand participate in a contest where individuals could win an OPPO F17 Pro (MatteBlack, 8 GB RAM, 128 GB Storage) smartphone.
"People who were duped into believing that they had wonthe phone as a prize would be asked to share the link via WhatsApp to theirfriends and family," the report said.
All the domain links were found registered in Chinaspecifically in the Guangdong and Henan province to an organisation called'Fang Xiao Qing.'
The hackers registered these domains on Alibaba's cloudcomputing platform, the report mentioned.
"E-commerce scams are not new but what's more alarmingis the covert cyber warfare Chinese entities are launching in India on arepeated basis," said Vineet Kumar, Founder and President, CyberPeaceFoundation.
'Spin the Wheel' scam is not a new phenomenon and has beenaround for over a couple of years.
"Research says India has over 100 million onlineshoppers and as more people come online, we expect more such scams to takeplace," Kumar added.
The festive online sales in India beat industry estimates toclock $8.3 billion (nearly Rs 61,253 crore) in the October 15-November 15period -- an impressive growth of 65 per cent (on-year).
The gross merchandise value (GMV) numbers increased from $5billion last year up to $8.3 billion this year, riding on the massive orderscoming from smaller cities and towns, according to homegrown consulting firmRedseer.
According to the market research firm, Flipkart Groupemerged as the leader during the whole festive month with 66 per cent share ofthe total sale.
According to Kumar, the information collected via thesescams can be used to undertake more such cyber-attacks, "especiallytargeted at internet users in Tier 2 and Tier 3 cities where awareness aboutsuch scams are low."
The Chinese hackers hosted the online links across Belgiumand the US.
"As of today, these links are still found to beoperational and active. Hackers used fake images and comments to create fakeaccounts on social media platforms to make the contest sound legitimate,"the report said.
"One of the images in these accounts has been used inthe past for a call girl service in India. The comments used were also similarto each other in nature".
CyberPeace Foundation deployed open-source investigativemethods to examine the links and found that all the domain links were foundregistered in China.
"The URL used for the contest redirects to multiplerandom sites all of which are fake.
"The Big Billion Days is a campaign by Flipkart buthackers used the massive public interest in the campaign to make it seem as ifthe contest was being run by Amazon," the report mentioned.
(Source: IANS)