China-based hackers luring Indians into fake Tata Motors scam
Cyber-security researchers in India on Thursday said they have discovered a malicious free gift campaign pretending to be an offer from Tata Motors that is collecting users' data, and the campaign has been traced to China-based hackers.
 
The research wing of New Delhi-based CyberPeace Foundation received some links via WhatsApp, related to a free gift offer from Tata Motors, collecting browser and system information as well as the cookie data from the users.
 
"The campaign is pretended to be an offer from Tata Motors but hosted on the third-party domain instead of the official website of Tata Motors which makes it more suspicious," the research team said in a statement.
 
If any user opens the link from a device like smartphones where WhatsApp application is installed, the sharing features on the site will open the WhatsApp application on the device to share the link.
 
"The prizes are kept really attractive to lure the laymen," the team said.
 
The title of the fake website is "Tata Motors Cars, Celebrates sales exceeding 30 million."
 
On the landing page, a congratulations message appears with an attractive photo of a Tata Safari car and asks users to participate in a quick survey to get a free TATA Safari vehicle.
 
"Also, at the bottom of this page, a section comes up which seems to be a Facebook comment section where many users have commented about how the offer is beneficial," the research revealed.
 
After Clicking the OK button, users are given three attempts to win the prize.
 
After completing all the attempts, it says that the user has won "TATA SAFARI".
 
"Congratulations! You did it! You won the TATA SAFARI!" Clicking on the 'OK' button, it then instructs users to share the campaign on WhatsApp.
 
The user then has to click the WhatsApp button in order to complete the progress bar. After clicking on the green 'Complete registration' button, it redirects the user to multiple advertisements webpages, and it varies each time the user clicks on the button.
 
According to the researchers, cybercriminals used Cloudflare technologies to mask the real IP addresses of the front-end domain names used in the free gifts from Tata Motors campaign.
 
"But during the phases of investigation, we have identified a domain name that was requested in the background and has been traced as belonging to China," the researchers revealed.
 
CyberPeace Foundation, a think tank and grassroot NGO of cyber security and policy experts, along with Autobot Infosec Private Limited looked into this matter to realise that these websites are online fraud.
 
"The campaign is pretended to be an offer from Tata Motors but hosted on the third-party domain instead of the official website of Tata Motors which makes it more suspicious," the Foundation said.
 
The Foundation recommended that people avoid opening such messages sent via social platforms.
 
Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.
Comments
Maharashtra's vehicle registration process goes online, faceless, paperless
IANS 10 June 2021
In a major initiative, the Maharashtra government has made the cumbersome process of vehicle registration process totally online - faceless and paperless - in view of the Covid-19 second wave's compulsions and as part of the...
After petrol, now diesel set to hit century mark in Sri Ganganagar
IANS 09 June 2021
Sri Ganganagar, a small city in northernmost part of Rajasthan near the India-Pakistan border, is all set to get the dubious distinction of becoming the first in the country where retail prices of both auto fuels - petrol and diesel...
Nestlé Document Says 60% of Its Food Portfolio Is Unhealthy: Report
IANS 02 June 2021
The world's largest food company, Nestlé, has acknowledged that more than 60% of its mainstream food and drinks products do not meet a 'recognised definition of health' and that "some of our categories and products will never be...
Dis-service Providers: BSNL
Sakuntala Narasimhan 31 May 2021
On 15th May, I lost my husband of 59 years, at the end of his prolonged and painful illness. I was also suffering from major health problems myself, and was due for knee replacement surgery. The process of obtaining a death...
Free Helpline
Legal Credit
Feedback