|
||
Cyber Criminals Target Internet Users by Luring them with Tata Group and Amul Anniversary Celebration Gift Scams | ||
New Delhi, Delhi, India
WhatsApp messages masquerading as the offers from Tata Group and Amul with links luring unsuspecting users with the promise of Anniversary Celebration presents, have been making the rounds on the app recently. If you receive such messages try to stay away from these, as these can be a scam.
Image: Links as they appear on messages
The Research Wing of CyberPeace Foundation along with Autobot Infosec Private Limited have conducted two different studies based on these WhatsApp messages that contained links pretending to be a free gift offer from Tata Group and Amul which ask users to participate in a survey in order to get a chance to win a Tata Nexon EV and Rs. 6000 respectively. Warning Signs
On the landing page a Congratulations message appears with an attractive photo of a Tata car and asks users to participate in a quick survey in order to get a “Tata Nexon EV”. The Amul link showcases an Amul logo and asks users to take the survey to win 2000 Euros.
Also, at the bottom of this page a section comes up which seems to be a comment section where many users have commented about how the offers are beneficial.
Both the surveys start with some basic questions like Do you know Tata or Amul Group? How old are you? What do you think of Tata or Amul Group? Are you male or female? etc.
Once the user answers the questions a “congratulatory message” is displayed. After Clicking the OK button users are given three attempts to win the prizes.
After completing all the attempts, it says that the user has won TATA Nexon EV while the Amul 75th Anniversary link says you have won 2000 Euros. Congratulatory message, as it appears on the screen
Clicking on the ‘OK’ button, it instructs users to share the campaign on WhatsApp. Strangely enough the user has to keep clicking the WhatsApp button until the progress bar completes. After clicking on the green ‘WhatsApp’ button it shows a section where a congratulations message appears once again.
During the analysis the research team found a JavaScript code called hm.js was being executed for both the campaigns in the background from the host hm[.]baidu[.]com which is a subdomain of Baidu and is used for Baidu Analytics, also known as Baidu Tongji. The important part is that Baidu is a Chinese multinational technology company specialising in Internet-related services, products and artificial intelligence, headquartered in Beijing's Haidian district, China. To read the full reports Click here:
www.cyberpeace.org/CyberPeace/Repository/20211011Research-Report-on-Amul-75th-Anniversary-Scam.pdf The detailed study helped CyberPeace and AutoBot Infosec Pvt. Ltd. to come to the following conclusions
CyberPeace Advisory suggests:
|
||
|
||||||||||||||||
| ||||||||||||||||