Along the lines of the Spin The Wheel Scam, cyber-attacks are now targeting Indian e-commerce users with an emerging “Year-end carnival, Get free Christmas gifts!” scam, as per an investigation conducted by CyberPeace Foundation. The scam is designed to cash in on the festive season fervour to dupe e-commerce users into thinking that they can win a brand new OPPO F17 Pro (Matte Black, 8GB RAM, 128GB Storage) smartphone.

While the new scam bears many similarities to the Spin the Lucky Wheel Scam reported by CyberPeace Foundation earlier, the new scam aims to also inject malware into the smartphones of users by asking people to install a third-party malicious app.

Key findings of the investigation by CyberPeace Foundation are:

The scam is new and is in the early stages of its lifecycle. It could reach a large number of Indians by the 31st of Dec and could last well until the 1st week of January.

The Flipkart Year-end carnival was last announced for the month of December in 2018. In 2020 we did not find any information on Flipkart's official website regarding a Year-end carnival.

Grammatical mistakes have been found on the webpage; a big brand organization usually does not have grammatical mistakes on its pages.

A big brand e-commerce entity usually hosts its offers on its own official website. This offer is hosted on suspicious websites instead of the official website https://flipkart.com.

The owner of the sites that are being shared via the social media platform is not Flipkart Internet Private Limited. On the basis of our investigation and extracted information, it seems that the sites are registered from the region of China.

Unlike the Spin the Wheel scam, the format of selecting winners is different this time. The landing page shows a lucky draw section; on clicking the start button, it shows an alert reading ‘It’s a pity that you didn’t get the reward, you have 2 more chances’. At the bottom of the page there is also a section that appears to be a Facebook comment section, where many users have commented about how beneficial the offer is. All these comments and accounts are fake as per the investigation.

The “Year-end carnival, Get free Christmas gifts!” scam is a much more malicious version of the earlier e-commerce scams, as it aims to keep users engaged with fake popup alerts. Every time a user clicks the WhatsApp button on the scam website to share the link with friends and family via WhatsApp, a new tab opens in the browser with the link whatsapp://send?text= https%3A%2F%2Fpktnoxl.top%2Flhj%2F%3Fl%3Den%26x%3D1%26t%3D21

This means that if the user clicks the link on a mobile device, it opens the WhatsApp application installed on the phone. We have also noticed an alert message like “Sharing failed! The same group or the same friend is not correct. Please check and share again.” After clicking on the green Download app button, the user is redirected to the link https://mavq[.]net/7f84645690/2d1d099658/?placementName=default
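To see where a share link like the one above really points, this added example (not part of the CyberPeace Foundation report) decodes a whatsapp://send?text= link and compares each embedded host with the official domain named in the article. The function names and the two extra sample links are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

OFFICIAL_DOMAIN = "flipkart.com"  # official site named in the article
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def is_official(host, official=OFFICIAL_DOMAIN):
    """True only for the official domain or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    # Exact or dot-anchored suffix match; a substring test would accept
    # lookalikes such as "flipkart.com.offers.example".
    return host == official or host.endswith("." + official)

def shared_urls(deep_link):
    """Return the http(s) URLs carried in a whatsapp://send?text=... link."""
    parts = urlsplit(deep_link.strip())
    if parts.scheme.lower() != "whatsapp":
        return []
    urls = []
    # parse_qs percent-decodes the value, so %26 becomes "&" inside the
    # shared URL instead of splitting the deep link's own query string.
    for text in parse_qs(parts.query).get("text", []):
        urls.extend(URL_RE.findall(text))
    return urls

def audit_share_link(deep_link):
    """List (url, host, is_official) for every URL the link would share."""
    results = []
    for url in shared_urls(deep_link):
        host = urlsplit(url).hostname or ""
        results.append((url, host, is_official(host)))
    return results

# Share link as quoted in the article (including the space after "text=").
ARTICLE_LINK = ("whatsapp://send?text= https%3A%2F%2Fpktnoxl.top%2Flhj%2F"
                "%3Fl%3Den%26x%3D1%26t%3D21")
# Constructed samples: a lookalike host and a genuine subdomain.
LOOKALIKE = ("whatsapp://send?text=Win%20now%20"
             "https%3A%2F%2Fflipkart.com.offers.example%2Fgift")
GENUINE = "whatsapp://send?text=https%3A%2F%2Fwww.flipkart.com%2Foffers"

if __name__ == "__main__":
    for link in (ARTICLE_LINK, LOOKALIKE, GENUINE):
        for url, host, ok in audit_share_link(link):
            print(f"{host:30} official={ok}  {url}")
```
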

All domains are registered in the Guangdong province.

Sharing the report, Vineet Kumar, President and Founder, CyberPeace Foundation said, “There is a need for International Cyber Cooperation between countries to bust the criminal networks running the fraud campaigns affecting individuals and organizations to make the Cyberspace resilient and peaceful. With the growing number of attacks and disruption in the cyberspace, countries are struggling with attributing attacks and fixing accountability which stands to be one of the major causes of concern today.”

