Amidst the rapidly increasing occurrence of digital fraud, Quick Heal Technologies Limited, a global cybersecurity solutions provider, has shared a comprehensive advisory detailing several sophisticated cyber threats that are currently targeting consumers. As the digital landscape evolves, cybercriminals are adapting their tactics, exploiting various platforms and events to defraud unsuspecting users. Researchers at Seqrite Labs, India’s largest malware analysis facility, have identified some key digital fraud trends.
Festival-related frauds
With major festivals like Diwali, Dussehra, and Christmas approaching, Quick Heal has identified a significant uptick in cybercriminal activities targeting shoppers. These scams involve the creation of fake domains impersonating legitimate shopping websites, such as “shoop.xyz” mimicking “shop.com”. Cybercriminals distribute malicious links disguised as special festival gifts via WhatsApp, SMS, and email, often using short URLs to hide the original malicious links.
Victims who click on these links are presented with forms requesting personal details and access to contacts, messages, and call records. The scammers create a false sense of urgency, prompting users to share the message with friends or groups to claim their “special Diwali gift”.
Banking reward application scams
Cybercriminals are employing sophisticated social engineering tactics to trick users into downloading malicious APK files. These scams often create a false sense of urgency with messages like “Available only for today” or “Last day!” They offer enticing rewards such as “Sign up now to enjoy free gift worth $$$” or use fear tactics with messages like “Your account has been blocked due to KYC update”.
The impact of these scams can be severe, including monetary loss, theft of personal data, phishing of bank credentials, and unauthorized transactions. Attackers may gain control over the victim’s device, potentially leading to further exploitation.
Fake IRCTC App
A sophisticated spyware masquerading as the official IRCTC app has been detected. This malicious application can steal Facebook and Google account credentials, extract codes from Google Authenticator, track GPS and network location, and even record and send videos using the device’s camera. The app gathers information about installed applications and sends collected data to a command and control (C2) server.
E-commerce related Fraud
Scammers are targeting e-commerce customers with fake messages claiming they have won prizes or gift cards. These frauds typically use SMS, email, or social media platforms to distribute messages with text like “Dear customer, congratulations! You have won…” Users are prompted to click on links to claim free gifts or gift cards, which redirect them to malicious sites that harvest personal information.
Income Tax Refund Scam
A new fraud scheme involves contacting individuals about supposed tax refunds. The scam uses SMS, WhatsApp, or email to reach potential victims, urging them to update their account details for receiving a refund. Messages often include text like “Your income tax refund of Rs. XXXX has been approved. Please verify your account number XXXX.” This can lead to unauthorized access and draining of victims’ accounts.
Paris Olympics 2024 Apps
In the wake of the Olympics, numerous apps emerged claiming to provide event-related information. However, many of these apps were found to be collecting user data, including internet browsing history, and sharing it with third-party advertisers without consent. These apps often request elevated permissions to access personal and confidential information, potentially leaving users vulnerable to unauthorized access, identity theft, and data breaches.
QR Code Phishing (Quishing)
A new phishing methodology exploits the widespread use of QR codes. This threat involves sending malicious QR codes via text messages, social media apps, or email. When scanned, these codes direct users to fake websites that appear legitimate but are designed to steal personal and financial information. In some cases, scanning these QR codes may result in malware downloads that compromise the user’s device.
The sophistication of these online frauds underscores the need for constant vigilance. Quick Heal strongly advises users to approach all digital interactions with a healthy dose of skepticism and to follow these safety guidelines:
· Exercise extreme caution when clicking on links or opening attachments from unknown sources.
· Always verify the authenticity of websites before entering personal or financial information. Double-check URLs and look for security indicators.
· Download apps only from official app stores (Google Play Store or Apple App Store) and be wary of apps requesting excessive permissions.
· Never share OTPs, PINs, CVV numbers, or banking credentials in response to unsolicited communications.
· Implement multi-factor authentication wherever possible to add an extra layer of security.
· Regularly update security software, operating systems, and applications to protect against the latest vulnerabilities.
· Be skeptical of offers that seem too good to be true, especially those creating a sense of urgency.
· For QR code scanning, use secure scanner apps that can identify and flag suspicious URLs.
· Manually enter URLs into your browser instead of clicking on links or scanning QR codes when dealing with sensitive information.
· Educate yourself and others about the latest cybersecurity threats and best practices.