Launch of Central Suspect Registry to Combat Cyber Crimes

Executive Summary:

This report discloses a new cyber threat contributing to the list of threats targeting internet users in the name of "Aarong Ramadan Gifts". The fraudsters are imitating the popular Bangladeshi brand Aarong, which is known for its Bengali ethnic wear and handicrafts, and allure the victims with the offer of exclusive gifts for Ramadan. The moment when users click on the link, they are taken through a fictitious path of quizzes, gift boxes, and social proof, that simply could damage their personal information and system devices. Through knowing how this is done we can educate users to take caution and stop themselves from falling into cyber threats.

False Claim:

The false message accompanied by a link on social media, claims that Aarong, one of the most respected brands in Bangladesh for their exquisite ethnic wear and handicrafts, is providing Ramadan gifts exclusively through online promotion. And while that may be the facade of the scam, its real aim is to lead users to click on harmful links that may end up in their personal data and devices being compromised.

‍

The Deceptive Journey:

• The Landing page starts with a salutation and a catchy photo of Aarong store, and later moves ahead encouraging the visitors to take a part of a  short quiz to claim the gift. This is designed for the purpose of creating a false image of authenticity and trustworthiness.
• A certain area at the end of the page looks like a social media comment section, and users are posting the positive impacts the claim has on them. This is one of the techniques to build the image of a solid base of support and many partakers.
• The quiz starts with a few easy questions on how much the user knows about Aarong and their demographics. This data is vital in the development of more complex threats and can be used to address specific targets in the future.
• After the user hits the OK button, the screen displays a matrix of the Gift boxes, and the user then needs to make at least 3 attempts to  attain the reward. This is a commonly used approach which allows the scammer to keep users engaged longer and increases the chances of making them comply with the fraudulent scheme.
• The user is instructed to share the campaign on WhatsApp from this point of the campaign, and the user must keep clicking the WhatsApp button until the progress bar is complete. This is a way to both expand and perpetuate the scam, affecting many more users.
• After completing the steps, the user is shown instructions on how to claim the prize.

The Analysis:

• The home page and quiz are structured to maintain a false impression of genuineness and proficiency, thus allowing the victims to partake in the fraudulent design. The compulsion to forward the message in WhatsApp is the way they inspire more and more users and eventually get into the scam.
• The final purpose of the scam could be to obtain personal data from the user and eventually enter their devices, which could lead to a higher risk of cyber threats, such as identity theft, financial theft, or malware installation.
• We have also cross-checked and as of now there is no well established and credible source or any official notification that has confirmed such an offer advertised by Aarong.
• The campaign is hosted on a third party domain instead of the official Website, this raised suspicion. Also the domain has been registered recently.
• The intercepted request revealed a connection to a China-linked analytical service, Baidu in the backend.

‍

• Domain Name: apronicon.top
• Registry Domain ID: D20231130G10001G_13716168-top
• Registrar WHOIS Server: whois.west263[.]com
• Registrar URL: www.west263[.]com
• Updated Date: 2024-02-28T07:21:18Z
• Creation Date: 2023-11-30T03:27:17Z  (Recently created)
• Registry Expiry Date: 2024-11-30T03:27:17Z
• Registrar: Chengdu west dimension digital
• Registrant State/Province: Hei Long Jiang
• Registrant Country: CN (China)
• Name Server: amos.ns.cloudflare[.]com
• Name Server: zara.ns.cloudflare[.]com

Note: Cybercriminal used Cloudflare technology to mask the actual IP address of the fraudulent website.

CyberPeace Advisory:

• Do not open those messages received from social platforms in which you think that such messages are suspicious or unsolicited. In the beginning, your own discretion can become your best weapon.
• Falling prey to such scams could compromise your entire system, potentially granting unauthorized access to your microphone, camera, text messages, contacts, pictures, videos, banking applications, and more. Keep your cyber world safe against any attacks.
• Never, in any case, reveal such sensitive data as your login credentials and banking details to entities you haven't validated as reliable ones.
• Before sharing any content or clicking on links within messages, always verify the legitimacy of the source. Protect not only yourself but also those in your digital circle.
• For the sake of the truthfulness of offers and messages, find the official sources and companies directly. Verify the authenticity of alluring offers before taking any action.

Conclusion:

Aarong Ramadan Gift scam is a fraudulent act that takes advantage of the victims' loyalty to a reputable brand. The realization of the mechanism used to make the campaign look real, can actually help us become more conscious and take measures to our community not to be inattentive against cyberthreats. Be aware, check the credibility, and spread awareness to others wherever you can, to contribute in building a security conscious digital space.

‍

Introduction

Apple launched Passkeys with iOS 16 as a more authentic and secure mechanism. It is safer than passwords, and it is more efficient in comparison to passwords. Apple users using iOS 16 passkeys features should enable two-factor authentication.  The passkeys are an unchallenging mechanism than the passwords for the passkeys. The user just has to open the apps and websites, and then the biometric sensor automatically recognises the face and fingerprints. There can be a PIN and pattern used to log instead of passwords. The passkeys add an extra coating of protection to the user’s systems against cyber threats like phishing attacks by SMS and one-time password-based. In a report 9 to 5mac, there is confirmation that 95% of users are using passkeys. Also, with the passkeys, users’ experience will be better, and it is a more security-proof mechanism. The passwords were weak, reused credentials and credentials leaked, and the chances of phishing attacks were real.

What are passkeys?

Passkey is a digital key linked to users’ accounts and websites or applications. Passkeys allow the user to log into any application and website without entering passwords, usernames, or other details. The aim of this new feature is to replace the old long pattern of entering passwords for going through any websites and applications.

The passkeys are developed by Microsoft, Apple, and Google together, and it is also called FIDO Authentication (Fast identity online). It eliminates the need to remember passwords and the need for typing. So, the passkeys work as they replace the password with a unique digital key, which is tied to the account then, the key is stored in the device itself, and it is end-to-end encrypted. The passkeys will always be on the sites on which users specifically created them. the passkeys use the technology of cryptography for more security purposes.  And the passkeys guarantee against the phish.

And since the passkeys follow FIDO standards so, this also can be used for third-party nonapple devices as the third-party device generate a QR code that enables the iOS user to scan that to log in. It will recognise the face of the person for authentication and then asks for permission on another device to deny or allow.

How are passkeys more secure than passwords?

The passkeys follow the public key cryptographic protocols that support the security keys, and they work against phishing and other cyber threats. It is more secure than SMS and apps based on one-time passwords. And another type of multi-factor authentication.

Why are passwords insecure?

The users create passwords easily, and it is wondering if they are secure. The very important passwords are short and easy to crack as they generally relate to the user’s personal information or popular words. One password is reused by the user to the different accounts, and then, in this case, hacking one account gives access to all accounts to the hackers. The problem is that passwords have inherent flaws, like they could be easily stolen.

Are passkeys about to become obligatory?

Many websites restrict the type of passwords, as some websites ask for mixtures of numbers and symbols, and many websites ask for two-factor authentication. There is no surety about the obligation of passkeys widespread as it is still a new concept and it will take time, so it is going to be optional for a while.

• There was a case of a Heartland payment system data breach, and Heartland was handling over 100 million monthly credit card transactions for 175,000 retailers at the time of the incident. Visa and MasterCard detected the hack in January 2009 when they notified Heartland of suspicious transactions. And this happened due to a password breach. The corporation paid an estimated $145 million in settlement for illegal payments. Today, data-driven breaches affect millions of people’s personal information.
• GoDaddy reported a security attack in November that affected the accounts of over a million of its WordPress customers. The attacker acquired unauthorised access to GoDaddy’s Managed WordPress hosting environment by hacking into the provisioning system in the company’s legacy Managed WordPress code.

Conclusion

The use of strong and unique passwords is an essential requirement to safeguard information and data from cyberattacks, but still, passwords have its own disadvantages. And by the replacement of passwords, a passkey, a digital key that ensures proper safety and there is security against cyberattacks and cybercrimes through passkey. There are cases above-mentioned that happened due to the password’s weaker security. And in this technology world, there is a need for something for protection and prevention from cybercrimes, and the world dumps passwords and adopts passkeys.

References

• https://www.cnet.com/tech/mobile/switch-to-passkeys-more-secure-than-passwords-on-ios-16-iphone-14/
• https://economictimes.indiatimes.com/magazines/panache/google-is-ending-passwords-rolls-out-passkeys-for-easy-log-in-how-to-set-it/articleshow/99988444.cms?from=mdr
• https://security.googleblog.com/2023/05/making-authentication-faster-than-ever.html#:~:text=Because%20they%20are%20based%20on,%2Dfactor%20authentication%20(MFA).

Introduction

The Kumbh Mela is known worldwide as India's most significant pilgrimage and has earned a place on the UNESCO Intangible Cultural Heritage of Humanity list in 2017.  This year, the Maha Kumbh will be held in Prayagraj, Uttar Pradesh, with 40 crore devotees from all over the world expected to attend this momentous event from January 13th  to 26th February 2025. As the world embraces the blessings of digitalisation, people are increasingly relying on the Internet for arranging their travel, booking rooms, and securing accommodations for this grand spiritual journey. 

However, amidst this digital age, where the conveniences offered are manifold, there also lurks the shadow of deceit. Cybercriminals are finding innovative ways to entrap innocent individuals. Fraudulent activities are on the rise, with wrongdoers operating fake websites that promise secure bookings for cottages, tents, and other accommodations for the Mahakumbh event. Like the deceptive mirage that the desert traveller may mistakenly believe to be an oasis, these malicious sites lure pilgrims with the false hope of easy arrangements, only to exploit their trust and commit malicious cyber fraudulent activities. 

Policy and Preventive Measures Taken by Government

This year, the government has taken steps to utilise digitalisation services to enhance the experience of devotees, blending innovation with tradition. However, considering the rise in cyber scams, a dedicated cyber police station has also been established at Maha Kumbh 2025 to address threats such as the misuse of AI, the dark web, and social media platforms. This initiative aims to protect devotees from potential scams.

To strengthen safety measures, a special team of selected officers from across the state has been deployed in Mahakumbh Nagar, Prayagraj, to provide cybersecurity and ensure the safety of pilgrims. A dedicated cyber police station or digital police station will ensure round-the-clock monitoring of cyberspace.

‍

The cybersecurity team has already identified 44 suspicious websites and initiated action against them. To further safeguard devotees attending Maha Kumbh 2025, a large-scale awareness campaign is being conducted to educate users about potential cyber threats.

The Role of Digital Discipline in Navigating the Uncharted Waters of the Internet

As the Yajurveda (ancient Vedic scriptures of Hinduism) reminds us ‘सत्यं चानृतं च सत्यं अभवत्, यदेतत् तपसा तप्यताम्।’. This learning translates into English as "Truth and falsehood are both present, yet truth is purified through intense discipline”. The Mahakumbh is a confluence not just of rivers but of faith and humanity's eternal quest for truth (Satyam). In the digital age, this vigilance extends to protecting ourselves from cyber frauds and scams that exploit the sanctity of occasions like the Mahakumbh. Just as devotees seek purity through holy rituals, we must also embrace Digital Discipline to navigate the confluence of tradition and technology safely.

Here are some Digital Discipline best practices you must follow:

• Be cautious of fake websites, fraudulent travel agencies, and scam bookings. Always verify legitimacy before engaging in any  transactions.  
• Stay alert for fake donation requests and only contribute to verified organizations.
• Be aware of any mis/disinformation and implausible claims surrounding the Mahakumbh event and verify it from authenticated sources. The official website of Mahakumbh is https://kumbh.gov.in.
• To report any cybercrime or issue, you can report it on the National Cyber Crime Reporting Portal at https://cybercrime.gov.in/, equipped with a 24x7 helpline 1930 that serves as a powerful resource available to the victims of cybercrimes to report their cases.

Conclusion

Netizens worldwide must prioritise Digital Discipline to ensure they are safeguarded from the snares of these cyber miscreants, so that they may safely and joyfully embark on their journey to the Maha Kumbh and receive divine blessings and purity of purpose through the experience.

References

• https://www.deccanherald.com/india/uttar-pradesh/up-police-gets-on-its-toes-to-ensure-cyber-safe-maha-kumbh-3335911
• https://www.hindustantimes.com/cities/others/four-cyber-crooks-held-for-operating-fake-booking-websites-101735326388201.html
• https://www.indiatvnews.com/uttar-pradesh/maha-kumbh-2025-cyber-police-station-set-up-in-prayagraj-to-safeguard-devotees-from-online-frauds-in-city-preparation-security-other-details-2024-12-11-965745
• https://organiser.org/2024/12/12/268915/bharat/mahakumbh-2025-cyber-police-station-set-up-to-protect-devotees-from-ai-and-social-media-scammers/
• https://www.ptinews.com/story/national/maha-kumbh-56-cyber-warriors-deployed-to-safeguard-devotees-against-online-scams/2135062