The cyber security watchdog said that users are being targeted through fake messages that claim festive offers but ultimately lead users to suspicious websites that can potentially steal sensitive data like bank account details, passwords and OTPs.
“Fake messages are in circulation on various social media platforms (WhatsApp, Telegram, Instagram, etc), that falsely claim a festive offer luring users into gift links and prizes,” an advisory by CERT-In on October 18 said.
It went on to add that the threat actor is mostly targeting women and asking them to share the links with their peers over WhatsApp, Telegram and Instagram.
CERT-In said the victim receives a message with a link to a website modelled after websites of popular brands.
Many of the websites to which users were being led had Chinese (.cn) domains or other extensions like .top and .xyz.
On the website, the user is asked to fill out a questionnaire on the false claim that doing so secures a chance to win money and prizes.
“The attackers entice the users to give sensitive information like personal details, bank account details, passwords, OTPs or use it for adware and other adversarial purposes,” CERT-In said.
After that, the website claims that a user has won a prize and asks them to share the website link with others through WhatsApp.
CERT-In added that the malicious link may further result in “large-scale attacks and financial frauds.”
The body urged users not to browse untrusted websites or click on untrusted links.
“Only click on URLs that clearly indicate the website domain. When in doubt, users can search for the organisation’s website directly using search engines to ensure that the websites they visited are legitimate,” the agency suggested.
It said that legitimate organisations would never ask for login credentials or credit card information by email or SMS.
“Keep personal information private. Threat actors can use social media profiles to gather information and make targeted attacks against you,” the advisory read.