Express press service
KOCHI: Links to a fake India Post website circulating on social media have been identified as the latest example of a phishing attack targeting cellphone and computer users. Clicking on the links redirects users to fake India Post website having Chinese login. They can allow fraudsters to gain access to users’ devices. Cyber experts suspect that the links are widely shared as they promise users rewards for sharing with friends and relatives.
Technisanct, a Bangalore-based cybersecurity startup with a research center in Kochi, decided to approach India’s Computer Emergency Response Team (CERT) against the scam. “Attempts are underway to alert India Post. The links are released with the claim that a reward of `6,000 after users share it,” said Technisanct Founder and CEO Nandakishore Harikumar.
Technisanct discovered that the fraudsters used the American company Cloudflare to create the website. The main domain (often used for malware and phishing) is related to China. The sponsoring organization of the website is Jiangsu Bangning Science and Technology, Yuhuatai District, Nanjing City, Jiangsu Province, China. The startup said the URLs are changed regularly to evade the action. He said he could identify about 20 India Post-related URLs in circulation.
“They avoided a direct mention of India Post in the FQDN and used government logos. Thus, in-depth solutions supported by artificial intelligence are needed to counter the problems. We analyze data on the activities of these websites. We will share the information with CERT and India Post,” Nandakishore said.
He said such phishing attacks were becoming common in India. “After a request has been submitted to remove a fake website, corrective action takes several hours or even days. Such continuous phishing attacks show that every brand should gradually start using brand monitoring solutions to identify proactively address the issue and prevent the spread of phishing and duplicate websites,” he said.
A police officer from Kerala Police Cyberdome said rewards or sensational information often entice people to click and pass around such links. “The loss of money due to this is rarely reported. However, people don’t realize that by clicking on these links they are also compromising the security of their devices,” he said.
A police officer from Kerala Police Cyberdome said rewards or sensational information often entice people to click and pass around such links.