#FactCheck - Viral Video Falsely Linked to India; Actually from Bangladesh

Executive Summary:

This report deals with a recent cyberthreat that took the form of a fake message carrying a title of India Post which is one of the country’s top postal services. The scam alerts recipients to the failure of a delivery due to incomplete address information and requests that they click on a link (http://iydc[.]in/u/5c0c5939f) to confirm their address. Privacy of the victims is compromised as they are led through a deceitful process, thereby putting their data at risk and compromising their security. It is highly recommended that users exercise caution and should not click on suspicious hyperlinks or messages.

False Claim:

The fraudsters send an SMS stating the status of delivery of an India Mail package which could not be delivered due to incomplete address information. They provide a deadline of 12 hours for recipients to confirm their address by clicking on the given link (http://iydc[.]in/u/5c0c5939f). This misleading message seeks to fool people into disclosing personal information or compromising the security of their device. 

‍

‍

The Deceptive Journey:

• First Contact: The SMS is sent and is claimed to be from India Post, informs users that due to incomplete address information the package could not be delivered.

• Recipients are then expected to take action by clicking on the given link (http://iydc[.]in/u/5c0c5939f) to update the address. The message creates a panic within the recipient as they have only 12 hours to confirm their address on the suspicious link.

• Click the Link: Inquiring or worried recipients click on the link.

• User Data: When the link is clicked, it is suspected to  launch possible remote scripts in the background and collect personal information from users.

• Device Compromise: Occasionally, the website might also try to infect the device with malware or take advantage of security flaws.

The Analysis:

• Phishing Technique: The scam allures its victims with a phishing technique and poses itself as the India Post Team, telling the recipients to click on a suspicious link to confirm the address as the delivery package can’t be delivered due to incomplete address. 
• Fake Website Creation: Victims are redirected to a fraudulent website when they click on the link (http://iydc[.]in/u/5c0c5939f) to update their address.
• Background Scripts: Scripts performing malicious operations such as stealing the visitor information, distributing viruses are suspected to be running in the background. This script can make use of any vulnerability in the device/browser of the user to extract more info or harm the system security.
• Risk of Data Theft: This type of fraud has the potential to steal the data involved because it lures the victims into giving their personal details by creating fake urgency. The threat actors  can use it for various illegal purposes such as financial fraud, identity theft and other criminal purposes in future.
• Domain Analysis: The iydc.in domain was registered on the 5th of April, 2024, just a short time ago. Most of the fraud domains that are put up quickly and utilized in criminal activities are usually registered in a short time.
• Registrar: GoDaddy.com, LLC, a reputable registrar, through which  the domain is registered. 
• DNS: Chase.ns.cloudflare.com and delilah.ns.cloudflare.com are the name servers used by Cloudflare to manage domain name resolution. 
• Registrant: Apart from the fact that it is in Thailand, not much is known about the registrant probably because of using the privacy reduction plugins. 

• Domain Name: iydc.in
• Registry Domain ID: DB3669B210FB24236BF5CF33E4FEA57E9-IN
• Registrar URL: www.godaddy.com
• Registrar: GoDaddy.com, LLC
• Registrar IANA ID: 146
• Updated Date: 2024-04-10T02:37:06Z
• Creation Date: 2024-04-05T02:37:05Z (Registered in very recent time)
• Registry Expiry Date: 2025-04-05T02:37:05Z
• Registrant State/Province: errww
• Registrant Country: TH (Thailand)
• Name Server: delilah.ns.cloudflare.com
• Name Server: chase.ns.cloudflare.com

Note: Cybercriminals used Cloudflare technology to mask the actual IP address of the fraudulent website.

CyberPeace Advisory:

• Do not open the messages received from social platforms in which you think that such messages are suspicious or unsolicited. In the beginning, your own discretion can become your best weapon.
• Falling prey to such scams could compromise your entire system, potentially granting unauthorized access to your microphone, camera, text messages, contacts, pictures, videos, banking applications, and more. Keep your cyber world safe against any attacks.
• Never reveal sensitive data such as your login credentials and banking details to entities where you haven't validated as reliable ones.
• Before sharing any content or clicking on links within messages, always verify the legitimacy of the source. Protect not only yourself but also those in your digital circle.
• Verify the authenticity of alluring offers before taking any action.
  

Conclusion:

The India Post delivery scam is an example of fraudulent activity that uses the name of trusted postal services to trick people. The campaign is initiated by using deceptive texts and fake websites that will trick the recipients into giving out their personal information which can later be used for identity theft, financial losses or device security compromise. Technical analysis shows the sophisticated tactics used by fraudsters through various techniques such as phishing, data harvesting scripts and the creation of fraudulent domains with less registration history etc.  While encountering such messages, it's important to verify their authenticity from official sources and take proactive measures to protect both your personal information and devices from cyber threats. People can reduce the risk of falling for online scams by staying informed and following cybersecurity best practices.

‍

Introduction

The Supreme Court of India recently ruled that telecom companies cannot be debarred from reissuing the deactivated numbers to a new subscriber. Notably, such reallocation of deactivated numbers is allowed only after the expiration of the period of 90 days. The Apex Court of India also mentioned that it is the responsibility of the user to delete their associated data with their number or any WhatsApp account data to ensure privacy. The  Centre has recently also blocked 22 apps which were part of unlawful operations including betting and money laundering. Meanwhile, in the digital landscape, the Intervention of legislature and judiciary is playing a key role in framing policies or coming up with guidelines advocating for a true cyber-safe India.  The government initiatives are encouraging the responsible use of technologies and Internet-availed services. 

Supreme Court stated that  telecom companies cannot be barred from reissuing deactivated numbers

Taking note of a petition before the Supreme Court of India, seeking direction from the Telecom Regulatory Authority of India (TRAI) to instruct mobile service providers to stop issuing deactivated mobile numbers, the Apex Court dismissed it by stating that mobile service providers in India are allowed to allocate the deactivated numbers to new users or subscribers but only after 90 days from the deactivation of the number. 

A concern of Breach of Confidential Data

The Court further stated, “It is for the earlier subscriber to take adequate steps to ensure that privacy is maintained.” stating that it is the responsibility of the user to delete their WhatsApp account attached to the previous phone number and erase their data. The Court further added that users need to be aware of the Supreme Court ruling that once the number is deactivated for non-use and disconnection, it can not be reallocated before the expiry of the 90-day period of such deactivation. However, after the allotted time passes, such reallocation of numbers to a new user is allowed.   

MEITY issued blocking orders against 22 illegal betting apps & websites

The government of India has been very critical in safeguarding Indian cyberspace by banning and blocking various websites and apps that have been operating illegally by scamming/dupping people of huge sums of money and also committing cyber crimes like data breaches. In recent developments, the Ministry of Electronic and Information Technology (Meity), on November 5, 2023, banned 22 apps including Mahadev Book and Reddyannaprestopro. The Centre has taken this decision on recommendations from the Enforcement Directorate (ED). ED raids on the Mahadev book app in Chattisgarh also revealed unlawful operations. This investigation has been underway for the past few months by the ED.

Applicable laws to prevent money laundering and the power of government to block such websites and apps

On the other hand, the Prevention of Money Laundering Act (PMLA) 2002 is a legislation already in place which aims to prevent and prosecute cases of money laundering. The government also has the power to block or recommend shutting down websites and apps under section 69A of the Information and Technology Act, 2000, under some specific condition as enumerated in the same.

Conclusion

In the evolving digital landscape, cyberspace covers several aspects while certain regulations or guidelines are required for smooth and secure functioning.  We sometimes change our phone numbers or deactivate them, hence, it is significantly important to delete the data associated with the phone number or any such social media account data attached to it. Hence, such a number is eligible for reallocation to a new or early subscriber after the expiration of a period of 90 days from such deactivation. On the other hand, the centre has also blocked the websites or apps that were found to be part of illegal operations including betting and money laundering. Users have also been advised not to misuse the Internet-availed services. Hence, trying to create a lawful and safe Internet environment for all. 

‍

References:

• https://timesofindia.indiatimes.com/india/cant-bar-telecom-companies-from-reissuing-deactivated-numbers-says-supreme-court/articleshow/104993401.cms
• https://pib.gov.in/PressReleseDetailm.aspx?PRID=1974901#:~:text=Ministry%20of%20Electronics%20and%20Information,including%20Mahadev%20Book%20and%20Reddyannaprestopro 

Introduction

In recent times the evolution of cyber laws has picked up momentum, primarily because of new and emerging technologies. However, just as with any other law, the same is also strengthened and substantiated by judicial precedents and judgements. Recently Delhi High Court has heard a matter between Tata Sky and Linkedin, where the court has asked them to present their Chief Grievance Officer details and SoP per the intermediary guidelines 2021.

Furthermore, in another news, officials from RBI and Meity have been summoned by the Parliamentary Standing Committee in order to address the rising issues of cyber securities and cybercrimes in India. This comes on the very first day of the monsoon session of the parliament this year. As we move towards the aspects of digital India, addressing these concerns are of utmost importance to safeguard the Indian Netizen.

The Issue

Tata Sky changed its name to Tata Play last year and has since then made its advent in the OTT sector as well. As the rebranding took place, the company was very cautious of anyone using the name Tata Sky in a bad light. Tata Play found that a lot of people on Linkedin had posted their work experience in Tata Sky for multiple years, as any new recruiter cannot verify the same. This poses a misappropriation of the brand’s name. This issue was reported to Linkedin multiple times by officials of Tata Play, but no significant action was seen. This led to an issue between the two brands; hence, a matter has been filed in front of the Hon’ble Delhi High Court to address the issue. The court has taken due cognisance of the issue, and hence in accordance with the Intermediary Guidelines 2021, the court has directed Linkedlin to provide the details of their Cheif Grievance Officer in the public domain and also to share the SoP for the redressal of issues and grievances. The guidelines made it mandatory for all intermediaries to set up a dedicated office in India and appoint a Chief Grievance Officer responsible for effective and efficient redressal of the platform-related offences and grievances within the stipulated period.

The job platform has also been ordered to share the SoPs and the various requirements and safety checks for users to create profiles over Linkedin. The policy of Linkedin is focused towards the users as well as the companies existing on the platform in order to create a synergy between the two.

RBI and Meity Official at Praliament

As we go deeper into cyberspace, especially after the pandemic, we have seen an exponential rise in cybercrimes. Based on statistics, 4 out of 10 people have been victims of cybercrimes in 2022-23, and it is estimated that 70% of the population has been subjected to direct or indirect cybercrime. As per the latest statistics, 85% of Indian children have been subjected to cyberbullying in some form or the other.

The government has taken note of the rising numbers of such crimes and threats, and hence the Parliamentary Committee has summoned the officials from RBI and the Ministery of Electronics and Information Technology to the parliament on July 20, 2023, i.e. the first day of monsoon session at the parliament. This comes at a very crucial time as the Digital Personal Data Protection Bill is to be tabled in the parliament this session and this marks the revamping of the legislation and regulations in the Indian cyberspace. As emerging technologies have started to surround us it is pertinent to create legal safeguards and practices to protect the Indian Netizen at large.

Conclusion

The legal crossroads between Tata Sky and Linkedin will go a long way in establishing the mandates under the Intermediary guidelines in the form of legal precedents. The compliance with the rule of law is the most crucial aspect of any democracy. Hence the separation of power between the Legislature, Judiciary and Execution has been fundamental in safeguarding basic and fundamental rights.  Similarly, the RBI and Meity officials being summoned to the parliament shows the transparency in the system and defines the true spirit of democracy., which will contribute towards creating a safe and secured Indian Cyberspace.

‍