As the festive season is almost here and people are too into online shopping and payments for their festivities. The one more thing on the verge is online fraud and scams. Cybersecurity firm Quick Heal Technologies has released an advisory which highlights significant threats targeting internet users. Cybercriminals continuously evolve their strategies, exploiting various platforms to deceive unsuspecting individuals. Experts from Seqrite Labs have pinpointed critical trends in digital fraud.
Fraudsters utilise social engineering techniques to persuade users to download harmful APK files. They often create urgency with messages like "Available only today" or "Last day!" to lure users. Scammers promise enticing rewards, such as "Sign up now to enjoy a free gift worth $$$," or create fear with warnings like "Your account has been blocked due to KYC update." These schemes can lead to financial loss, theft of personal data, phishing for bank credentials, and unauthorised transactions. Once they gain access to a victim's device, attackers may exploit it further.
Also read: Downloading free movie? You may become victim of ‘Peaklight': What is it and how it works
A fake app impersonating the official IRCTC platform has been discovered. This spyware can steal credentials from Facebook and Google, extract codes from Google Authenticator, track GPS locations, and even capture video using the device's camera. The application collects data on installed apps and transmits it to a command and control (C2) server.
With holidays like Diwali, Dussehra, and Christmas approaching, Quick Heal warns of increased cybercriminal activity targeting shoppers. Scammers create counterfeit domains that mimic legitimate shopping sites, such as "shoop.xyz," resembling "shop.com." They distribute malicious links disguised as festival gifts through WhatsApp, SMS, and email, often employing shortened URLs to obscure their true nature. Victims who click these links encounter forms requesting personal
Read more on tech.hindustantimes.com