
In a recent report, cybersecurity researchers from CloudSEK have sounded the alarm on a significant surge in malicious campaigns capitalising on the festive season. Exploiting the popularity of "Diwali" and "Pooja," cybercriminals are employing deceptive domains to target unsuspecting users, particularly through e-commerce websites.
The research reveals a disturbing trend in phishing campaigns, with a focus on the recharge and e-commerce sectors, aiming to tarnish the reputations of well-established entities. CloudSEK's investigators identified a staggering 828 unique domains in the Facebook Ads Library dedicated to phishing activities.
Rishika Desai, lead cyber intelligence at CloudSEK, expressed concern about the notable increase in fake domains designed for online shopping scams this year. Desai warns that these scams could potentially escalate into financial frauds, as hackers exploit the trust of innocent victims by impersonating customer representatives from reputable organisations.
The report highlights the use of typosquatting techniques to create convincing yet fraudulent domains. For instance, the legitimate "shop.com" was mimicked as "shoop.xyz," complete with identical features and content to deceive less technologically advanced audiences.
The investigation unveiled that domains containing keywords like "Diwali" and "Pooja" were hosted on a Hong Kong-based ASN by Megalayer Technologies. One such domain, when accessed, redirected users to various Chinese betting pages, including popular platforms like Bet 365 and MGM.
Desai emphasises that cybercriminals often exploit the increased internet traffic during Diwali to target unsuspecting users with malicious websites that mimic legitimate gambling platforms.
The report also sheds light on deceptive practices on social media platforms. Malicious users on Facebook and other relevant channels were found misleading genuine users by urging them to register on unreliable cryptocurrency websites. An example cited is "Bot Bro," enticing consumers with promises of free life insurance up to one crore and five TLC coins, leading them to untrustworthy crypto platforms.
In another alarming discovery, an e-commerce website specialising in jewellery, registered on October 3, was found encouraging users to download an application embedded with an Android Trojan. Notably, the domain name of this website included the keyword "Diwali."
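The two signals the report describes, a near-miss spelling of a known brand domain and a seasonal keyword in the domain name, can be checked by defenders triaging newly seen domains. The following is an added example, not CloudSEK's tooling; the function names, the edit-distance threshold of 1 and the `.example` sample domains are assumptions made for illustration.

```python
# Added illustration: flag lookalike and seasonal-keyword domains for review.
BRANDS = ("shop.com",)            # legitimate domain from the article's example
KEYWORDS = ("diwali", "pooja")    # lure keywords named in the report

def edit_distance(a, b):
    """Levenshtein distance using a two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]

def split_domain(domain):
    """Return (name, tld). Assumption: the last label is the suffix;
    production code should consult the Public Suffix List instead."""
    labels = domain.lower().rstrip(".").split(".")
    return (labels[-2] if len(labels) >= 2 else labels[0]), labels[-1]

def classify(domain, brands=BRANDS, max_distance=1):
    """Return a list of reasons the domain deserves a closer look."""
    reasons = []
    name, tld = split_domain(domain)
    for brand in brands:
        b_name, b_tld = split_domain(brand)
        dist = edit_distance(name, b_name)
        if dist == 0 and tld != b_tld:
            reasons.append(f"tld-swap:{brand}")      # same name, other suffix
        elif 0 < dist <= max_distance:
            reasons.append(f"typosquat:{brand}")     # one-character near miss
    for kw in KEYWORDS:
        if kw in domain.lower():
            reasons.append(f"keyword:{kw}")
    return reasons

def triage(domains):
    """Map each flagged domain to its reasons; clean domains are omitted."""
    return {d: r for d in domains if (r := classify(d))}

if __name__ == "__main__":
    # Constructed sample input; only shoop.xyz and shop.com come from the article.
    sample = ["shop.com", "shoop.xyz", "shop.xyz",
              "diwali-jewels.example", "pooja-recharge.example", "weather.example"]
    for domain, reasons in triage(sample).items():
        print(domain, reasons)
```

A hit is a prompt for manual review, not a verdict: short brand names produce false positives at distance 1, and a keyword match alone says nothing about intent.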
Here are some quick tips to help you stay safe from online scams:
Be skeptical of unsolicited emails and messages
Use strong, unique passwords
Enable two-factor authentication (2FA)
Keep software and antivirus programs updated
Check website security
Educate yourself about common scams
Verify emails and communications
Copyright©2025 Living Media India Limited. For reprint rights: Syndications Today