Live
- Noise levels exceeded limits during Diljit’s show
- Vaibhav Jewellers opens 17th retail store in Amalapuram
- St George School students excel in chess tourney
- Gurugram pvt school teen wins prestigious ‘Diana Award’
- UP to mark Atal Shatabdi Samaroh from today
- Collector inspects Indiramma housing survey
- Court doors always open to suggestion, demand: SC after Punjab says: Pb farmers refuse to talk, SC told
- Asifabad should be on top in CM Cup competitions: Collector
- Supreme Court bats for preservation of India’s ‘sacred groves’
- AP cabinet to meet today, to address key decisions
Just In
Scammers using 'Diwali', 'Pooja' domains to con users this festive season: Report
![Scammers using Diwali, Pooja domains to con users this festive season: Report Scammers using Diwali, Pooja domains to con users this festive season: Report](https://assets.thehansindia.com/h-upload/2023/11/09/1397483-offers.webp)
Cybersecurity researchers have discovered a sharp surge in malicious campaigns that use "Diwali" and "Pooja" domains to scam users this festive season via e-commerce websites, a new report warned on Thursday.
New Delhi: Cybersecurity researchers have discovered a sharp surge in malicious campaigns that use "Diwali" and "Pooja" domains to scam users this festive season via e-commerce websites, a new report warned on Thursday.
The researchers from the cybersecurity company CloudSEK have witnessed phishing campaigns targeting recharge and e-commerce sectors attempting to damage the brands of reputed entities.
They uncovered about 828 unique domains from the Facebook Ads Library that were being used for phishing campaigns.
"This year, there has been a steep spike in the hosting of fake domains for online shopping scams. These scams can further escalate into financial frauds, where hackers can impersonate customer representatives from various organizations, exploiting the gullibility of innocent victims," said Rishika Desai, lead cyber intelligence, CloudSEK.
According to the report, these unique domains were formed by typosquatting techniques to bring legitimacy to less technologically advanced audiences. For instance, shop.com was impersonated as shoop.xyz with the same features and content as the original website.
A domain having keywords "Diwali" and "Pooja" were found to be hosted on a Hong Kong-based ASN by Megalayer Technologies.
This domain was redirected to different Chinese betting pages.
The website was created approximately a month ago and redirects to multiple gambling sites such as Bet 365, MGM, etc, the report said.
"Cybercriminals often exploit the increased internet traffic during Diwali to target unsuspecting users with malicious websites that mimic legitimate gambling platforms," Desai said.
Moreover, the report mentioned that various malicious users on Facebook and other relevant social media channels were found to be misleading genuine users by asking them to register on unreliable cryptocurrency websites.
One such example is Bot Bro, which lures consumers to untrustworthy crypto platforms by providing free life insurance up to one crore and five TLC coins.
An e-commerce website selling jewellery registered on October 3, was found to be requesting users to download an application embedded with an Android Trojan.
This website had the "Diwali" keyword in its domain name.
![](/images/logo.png)
© 2024 Hyderabad Media House Limited/The Hans India. All rights reserved. Powered by hocalwire.com