#FactCheck - Out-of-Context Clip of PM Modi Misused to Claim He Insulted India

Executive Summary
‍

A video showing a massive fire and explosion is going viral on social media. The clip shows a large plume of smoke followed by a sudden blast. It is being shared with the claim that it depicts Iran attacking a nuclear reactor in Israel amid the ongoing Iran-Israel conflict. However, research  by CyberPeace found that the claim is misleading. The viral video is actually from 2017 and shows a massive explosion at an ammunition depot in Ukraine.

‍

Claim:

‍

On social media platform X (formerly Twitter), a user shared the video on March 21, 2026, with the caption:“Israel’s nuclear reactor was targeted with Fateh and Khyber missiles. Well done Iran! The whole world is with you.”

• https://x.com/NationalDastak/status/2035216277254582462?s=20 

‍

Fact Check:

‍

To verify the viral claim, we extracted keyframes from the video and conducted a reverse image search. During this process, we found the same video uploaded on March 23, 2017, on a YouTube channel named “null.” According to the upload, the video shows a massive explosion at an ammunition depot in Balakliya, Ukraine. Using these clues, we performed a keyword search and found a report published on March 24, 2017, by Global News.
‍

https://globalnews.ca/news/3332801/explosion-at-ukraine-ammunition-depot-forces-evacuation-of-2000-people/ 

‍

‍

‍

According to the report, a major fire and explosion broke out at a large military ammunition depot in Balakliya, located in Ukraine’s Kharkiv region. The incident resulted in one death, while nearly 20,000 people from surrounding areas were evacuated to safer locations.

‍

Conclusion:

‍

The claim that the video shows Iran attacking a nuclear reactor in Israel is misleading. The viral footage is actually from 2017 and depicts an explosion at an ammunition depot in Ukraine.

‍

Introduction

As the 2024 Diwali festive season approaches, netizens eagerly embrace the spirit of celebration with online shopping, gifting, and searching for the best festive deals on online platforms. Historical web data from India shows that netizens' online activity spikes at this time as people shop online to upgrade their homes, buy unique presents for loved ones and look for services and products to make their celebrations more joyful.

However, with the increase in online transactions and digital interactions, cybercriminals take advantage of the festive rush by enticing users with fake schemes, fake coupons offering freebies, fake offers of discounted jewellery, counterfeit product sales, festival lotteries, fake lucky draws and charity appeals, malicious websites and more. Cybercrimes, especially phishing attempts, also spike in proportion to user activity and shopping trends at this time.

Hence, it becomes important for all netizens to stay alert, making sure their personal information and financial data is protected and ensure that they exercise due care and caution before clicking on any suspicious links or offers. Additionally, brands and platforms also must make strong cybersecurity a top priority to safeguard their customers and build trust.

Diwali Season and Phishing Attempts 

Last year's report from CloudSEK's research team noted an uptick in cyber threats during the Diwali period, where cybercriminals leveraged the festive mood to launch phishing, betting and crypto scams. The report revealed that phishing attempts target the e-commerce industries and seek to damage the image of reputable brands. An astounding 828 distinct domains devoted to phishing activities were found in the Facebook Ads Library by CloudSEK's investigators. The report also highlighted the use of typosquatting techniques to create phony-but-plausible domains that trick users into believing they are legitimate websites, by exploiting common typing errors or misspellings of popular domain names. As fraudsters are increasingly misusing AI and deepfake technologies to their advantage, we expect even more of these dangers to surface this year over the festive season.

CyberPeace Advisory

It is important that netizens exercise caution, especially during the festive period and follow cyber safety practices to avoid cybercrimes and phishing attempts. Some of the cyber hygiene best practices suggested by CyberPeace are as follows:

• Netizens must verify the sender’s email, address, and domain with the official site for the brand/ entity the sender claims to be affiliated with. 
• Netizens must avoid clicking links received through email, messages or shared on social media and consider visiting the official website directly. 
• Beware of urgent, time-sensitive offers pressuring immediate action. 
• Spot phishing signs like spelling errors and suspicious URLs to avoid typosquatting tactics used by cybercriminals.
• Netizens must enable two-factor authentication (2FA) for an additional layer of security.
• Have authenticated antivirus software and malware detection software installed on your devices. 
• Be wary of unsolicited festive deals, gifts and offers. 
• Stay informed on common tactics used by cybercriminals to launch phishing attacks and recognise the red flags of any phishing attempts.
• To report cybercrimes, file a complaint at cybercrime.gov.in or helpline number 1930. You can also seek assistance from the CyberPeace helpline at +91 9570000066.

References

1. https://www.outlookmoney.com/plan/financial-plan/this-diwali-beware-of-these-financial-scams
2. https://www.businesstoday.in/technology/news/story/diwali-and-pooja-domains-being-exploited-by-online-scams-see-tips-to-help-you-stay-safe-405323-2023-11-10
3. https://www.abplive.com/states/bihar/bihar-crime-news-15-cyber-fraud-arrested-in-nawada-before-diwali-2024-ann-2805088
4. https://economictimes.indiatimes.com/tech/technology/phishing-you-a-happy-diwali-ai-advancements-pave-way-for-cybercriminals/articleshow/113966675.cms?from=mdr

‍

Executive Summary:

‍The internet has become a hub for fraudsters, and a new fraudulent scheme has been circulating, stating a free 84-day recharge of ₹719 given by the Honourable Prime Minister Narendra Modi  in celebration of the BJP Government formation in 2024. This is yet another scam that uses tricks to lure the users, for instance by fake questionnaires, fake promises and the use of the Honourable Prime Minister Narendra Modi’s image to give a fake impression of legitimacy. The following blog post analyzes the scam and offers recommendations on how to recognize similar frauds and avoid them.

False Claim:

A viral link trending on various social media platforms states that Narendra Modi, the Honourable Prime Minister of India, is giving a free 84-day free recharge worth ₹719 to all users in India and this is an Election Bonus  in celebration of the BJP government formation in 2024.  The claim insists the users are required to click on the link (https://offerraj.in/Congress2024-Recharge/id=9jMiaeN1) and complete a questionnaire to get the offer.

‍

The Deceptive Scheme:

1. Mobile-Only Access:  The malicious link (https://offerraj.in/Congress2024-Recharge/id=9jMiaeN1) is designed to open only on mobile devices; this makes it easier for more people to be affected. 
2. Multiple Redirects: After clicking the link, the users are led through a sequence of other links in order to conceal the actual source of the deception, and probably a try of making it difficult to track the notorious activity.
3. Fake Comments & Images: First, the landing page contains a banner with the photo of India’s Honourable Prime-Minister Narendra Modi which gives the site’s visitors the impression of the official source. Also, fake comments can be made for the same reason, stating that the author has received a free recharge and supporting the so-called initiative.
4. Fake Prize Notifications: For instance, after responding to the questions in the questionnaire, users may be presented with messages such as ‘Congratulations, you have won a free recharge’; this further creates an impression of a genuine offer.
5. Social Sharing Requirement: To collect the so-called ‘prize’, the users are requested to share the link in the WhatsApp or other social networks, thus contributing to the spread of the scam.

‍

Analyzing the Fraudulent Campaign:

1. No Official Announcement: The internet and other social platforms are the only places where such an offer has been mentioned, and there is no official announcement from the Government or any other authorized body.
2. Multiple Redirects: After clicking the link, users are taken through multiple redirects to obfuscating the source of the deception and to trace the malicious activity. 
3. Suspicious Domain and Hosting: The campaign is hosted on a third-party domain (offerraj.in) instead of any official government website, raising suspicion about its authenticity.
4. Personal Data Collection: The questionnaire prompts users to provide personal information, which legitimate Government initiatives would not typically request through unofficial channels.
5. Insecure HTTP Link: The link provided is an insecure HTTP link, whereas legitimate government websites employ secure HTTPS encryption.

‍

Domain Analysis:

The actual url is hosted on a third party domain instead of the official website of the BJP or any Government website. This is the common way to deceive users into falling for a Phishing scam. Whois information reveals that the domain has been registered recently i.e on 28-03-2023 and the domain is registered with godaddy.com and state is from Rajasthan, India. Cybercriminals used Cloudflare technology to mask the actual IP address of the fraudulent website.

‍

• Domain Name: offerraj.in
• Registry Domain ID: D9483D0EB38264263958C9609D2DCEA70-IN
• Registrar WHOIS Server:
• Registrar URL: www.godaddy.com
• Updated Date: 2024-05-03T07:30:03Z
• Creation Date: 2023-03-28T04:33:12Z
• Registry Expiry Date: 2026-03-28T04:33:12Z
• Registrar: GoDaddy.com, LLC
• Registrar IANA ID: 146
• Registrant State/Province: Rajasthan
• Registrant Country: IN
• Name Server: johnathan.ns.cloudflare.com
• Name Server: braelyn.ns.cloudflare.com

‍

Similar offer surfing with different links: Several similar kind of offers through various links such as https://offerintro.com/BJP2024-Recharge/id=QYntPBDU,  https://mahaloot2.xyz, https://mahaloot3.xyz, https://pmoffer4.online,  are available in the social media. All these links are analysed and validated to be malicious or phishing links. 

CyberPeace Advisory and Best Practices:

‍

1. Stay Informed: Be aware of potential scams and rely on official government channels for verified information.
2. Verify Website Security: Do not click on links that have the ‘http’ at the beginning and focus on sites that have encryption (‘https’).
3. Protect Personal Information: Be careful when there is any request to send some type of personal information, especially if it is done through informal companies.
4. Report Suspicious Activity: When you notice that you have been scammed or a certain activity is fraudulent, ensure to report the incidents to the necessary authorities and the platforms to prevent others from being scammed.

‍

Conclusion: 

The claim of 84 day free recharge worth ₹719 to all users in India as an “Election Bonus”  is false and similar kinds of various links are consistently surfing through the internet. The deceptive practices employed in these kinds of links are insecure and it has multiple redirects to false promises which highlights the need for heightened awareness and caution among internet users.  In this digital world, it is important to stay informed, verify the authenticity of resources to protect personal information. Individuals can safeguard themselves against such fraudulent schemes and contribute to a safer online environment.

‍