Fake vouchers on WhatsApp seek personal info: Careful
New Delhi : Be careful, your smartphone may ditch you! Now-a-days a few fraud companies are sharing fake vouchers of popular brands on WhatsApp where users are redirected to websites seeking personal information, which is later used to fool them in phishing scams. Cops said that at least three such cases have been registered over the past year, where people were allegedly tricked on the pretext of free goodies from popular brands.
Last month, a similar case was registered where a forwarded message claimed to offer free goodies in the name of supermarket chain D-Mart. The message read, “D-Mart is giving FREE INR2500 shopping voucher to celebrate its 17th anniversary. Click here to get yours (link). Enjoy”, said the police. “Upon clicking the link, personal details are sought. The post was shared widely on WhatsApp. If observed closely, in the website address, the alphabet ‘i’ is replaced by a similar looking alphabet,” an officer said.
After the people who have received fake messages, they thronged several D-Mart outlets an FIR was registered at Powai police station on June 19 under sections of the Information Technology (IT) Act. An officer linked to the investigation said, “We have found that the link originated from servers in Canada. Many people filled in their details on the link. Investigation is on.”
In May 2018, fake messages in the name of Jet Airways got widely shared on WhatsApp. The message read, “Jetairways Airline is giving 2 Free Tickets to everyone. To celebrate their 25th anniversary. Click here to get yours (link).”
In February, a WhatsApp message claimed that Adidas was giving free footwear. “Adidas is giving away 3000 Free Pair of shoes to celebrate its 93rd anniversary. Get your free shoes at (link),” read the message. Once clicked, people were directed to page where personal details were asked. Later, Adidas denied having made that offer.
Maharashtra Inspector General (cyber crime) Brijesh Singh said, “Normally, the accused use this modus operandi for something called ‘credential harvesting’. They basically try to get a detailed profile of people on their database, which is then used to target the people… stay away from such links.”
A cyber police officer said the accused also indulge in ‘website spoofing’. It means that you create a website that looks quite similar to the website of the company that ensures people don’t get suspicious. “There is a small change in the web address of the links, which a normal person will not notice,” the officer added.
Cyber expert Vicky Shah said, “On most occasions, fraudsters either do this to collect data for an attack that can be carried later on. At times, however, these websites ask people to pay 10 per cent of the total amount, which they flee with. This is an international trend and there have been other major brands whose names have been used by the fraudsters.”