Festive deals come with phishing scams

Tushar Mathur (name changed), a 48-year-old art director based in Delhi, wanted to give his wife a Louis Vuitton bag for Deepavali and decided to order it online. After seeing some great “party” offers on the seemingly genuine website – Louis Vuitton., Mr. Mathur paid Rs 36,000 for the bag. The bag was delivered to his home as promised, only it turned out to be a cheap knockoff. Mr. Mathur tried to visit the website again to complain, but the website no longer existed. Festive Deals

Mr. Mathur is not alone. While the holiday season is a boom time for online retailers and bargain hunters, cybercriminals are also taking advantage of this increase in online transactions. As per network safety arrangements supplier Check Point Software Technologies (CPTS), consistently during the Christmas season there is an expansion in the number of new areas enlisted containing “Deepavali”. “This year we have seen a 200% increment in the number of new areas enlisted containing the word ‘Deepavali’. Three percent of these spaces are viewed as vindictive and 31% are suspect, “Harish Kumar, Head, Business and Government, CPTS, India, and SAARC told The Hindu.Festive Deals

Mr. Kumar added that undermining entertainers approach with energy during celebrations as supporters let their watchmen down and will in general keep their feet up. Likewise, Amit Jaju, senior managing director for India of consultancy firm Ankura, said based on inquiries received and online statistics that there has been an increase of over 300% in cyber incidents. in the last few weeks before Deepavali.

Social engineering attacks are the most commonly deployed form of attack, ”said Ritesh Chopra, Director of Field Sales and Marketing, India and SAARC Countries, NortonLifeLock. These attacks use psychological manipulation to trick users into making security-related errors, such as clicking on legitimate emails, web links, or social media messages. Festive Deals Although such attacks fall under the realm of “phishing attacks”, they are more sophisticated. Attackers can grab some information already available about consumers and then use it to trick them into taking action.

Mr. Chopra said the threat of cyber-attacks has increased as most consumers are willing to exchange information for convenience and save money. “The lure of these things puts us in the trap … Criminals play on our psychology, whether it’s fear, convenience, or greed … or all of those things combined.

We all know about cookies… if cookies are being tracked and you have been looking to travel or buying a gift card… A threat actor can come back to you with a fake offer specifically for what you want,” Mr. Chopra said.

Mr. Jaju added that in 2021 India witnessed five major data breaches on companies ranging from pizza delivery, mobile wallets, social media giants, airlines to discount brokerage. “This data is now being used to launch targeted attacks via SMS, messaging apps, phishing emails or, in some cases, phone calls as part of the redemption of reward points or expiring refund offers. All of these are intended to possibly steal identifying information or OTP codes from the target, ”he said.

Nitin Bhatnagar, Associate Director of the PCI Security Standards Council, said: “The most effective way to avoid these attacks is to separate the devices used for social media browsing and general internet browsing from the devices used for transactions. financial.

Savvy hackers abuse targeted social media ads to trick customers into buying out-of-stock items such as game consoles or other gadgets. Clicking on those ads would take the person to an e-commerce business phishing website, tricking the person into sharing their credentials. In many cases, this activity takes place on a mobile phone where it is very difficult to visually differentiate a phishing website from a genuine website, Jaju said.

These pitfalls can be avoided by regularly changing passwords, removing unwanted apps, blocking high-value international and e-commerce transactions on their cards through the Bank app, and only temporarily activating them during checkout. ‘a transaction, he added.

Nitin Bhatnagar, associate director of the PCI Security Standards Council, said: “The most effective way to avoid these attacks is to separate devices used for social media browsing and general internet browsing from devices used for financial transactions. ”

Savvy hackers abuse targeted social media ads to trick customers into buying out-of-stock items such as game consoles or other gadgets. Clicking on those ads would take the person to an e-commerce business phishing website, tricking the person into sharing their credentials. Festive Deals In many cases, this activity takes place on a mobile phone where it is very difficult to visually differentiate a phishing website from a genuine website,

These pitfalls can be avoided by regularly changing passwords, removing unwanted apps, blocking high-value international and e-commerce transactions on their cards through the Bank app, and only temporarily activating them when checking out. ‘a transaction, he added.

One should not click on the links received on their mobile devices but visit the e-commerce app or the website themselves to purchase items and follow basic digital hygiene. It is also important to stop storing card details on websites for faster payment, ”Jaju warned, adding that this would prevent hackers from retrieving card details if the site is breached

Consumers should also be careful on microblogging sites to identify bogus customer service and used goods e-commerce applications. It is also crucial to have fraud protection and insurance from banks or third parties to cover the card limit. This whole cybercrime business is like a cat and a mouse. No matter how hard we all try, the cybercriminal just needs to win someday and someday he’ll make the fortune he’s looking for or steal the data he’s looking for … we have software, we have companies that adopt good practices around this. ..but what is most important are your own hygiene factors