Beware of Chinese offering Diwali gifts to trick Indians into sharing personal data

Messages offering deals which are too good to be true must be flooding inbox folders during the festive season, and such offers are often from obscure sellers. An increasing number of digital transactions and online activity have also led to a surge in cyberfraud, with Indians being hit by 1.5 crore phishing attacks in the second quarter this year. Security concerns have also triggered bans in the country against Chinese platforms such as Shein and Aliexpress. It turns out that there are more websites from China which are using free Diwali gifts to lure Indian consumers into sharing their details.

No such thing as a free Diwali lunch?

The revelation was made in an advisory released by India’s Computer Emergency Response Team, which warned consumers about links that redirect them to dubious Chinese sites. These links offering free gifts are sent through messages on text, Instagram, WhatsApp, Telegram and other social media platforms. Targeting mostly women during festive season, the scam also makes them forward the messages to friends and family.

Watch out for these signs

Once on the site, the victim is asked to fill up a form asking for banking details and other personal information. They are asked to choose a gift and greeted with a message which asks them to forward the link in order to receive their reward. The CERT-In has instructed people to avoid clicking on links that seem shady, and has identified links with the extension .cn for China and .xyz or .top as dubious.

Phishing adapting to the times

Phishing is when you get a call or message from someone posing as a bank’s representative, to extract account and card details, before asking for OTP. This is a trick by frausdters to siphon off a large amount of money from the account by luring people with lucrative deals. Over the past few years as people have become wary of calls, mails and fake e-commerce sites are being used as part of a new modus operandi for phishing attacks.

Simple steps to stay safe

Apart from staying wary of such websites, consumers can also steer clear from scams by watching out for messages that ask for credit card number of personal details, after offering unrealistic discounts and rewards. Setting transaction limits for online transactions via payment apps and cards can also minimise damage in case you are hit by a phishing attack that targets bank accounts. The RBI has also reported that Indians lost money to more than 13,000 cyberfraud cases in FY22, which includes incidents such as a teacher being robbed simply after clicking a link on WhatsApp.