Light Up Diwali with Cyber Safety: Don’t Fall for Phishing Scams
Introduction
As the 2024 Diwali festive season approaches, netizens eagerly embrace the spirit of celebration with online shopping, gifting, and searching for the best festive deals on online platforms. Historical web data from India shows that netizens' online activity spikes at this time as people shop online to upgrade their homes, buy unique presents for loved ones and look for services and products to make their celebrations more joyful.
However, with the increase in online transactions and digital interactions, cybercriminals take advantage of the festive rush by enticing users with fake schemes, fake coupons offering freebies, fake offers of discounted jewellery, counterfeit product sales, festival lotteries, fake lucky draws and charity appeals, malicious websites and more. Cybercrimes, especially phishing attempts, also spike in proportion to user activity and shopping trends at this time.
Hence, it becomes important for all netizens to stay alert, making sure their personal information and financial data is protected and ensure that they exercise due care and caution before clicking on any suspicious links or offers. Additionally, brands and platforms also must make strong cybersecurity a top priority to safeguard their customers and build trust.
Diwali Season and Phishing Attempts
Last year's report from CloudSEK's research team noted an uptick in cyber threats during the Diwali period, where cybercriminals leveraged the festive mood to launch phishing, betting and crypto scams. The report revealed that phishing attempts target the e-commerce industries and seek to damage the image of reputable brands. An astounding 828 distinct domains devoted to phishing activities were found in the Facebook Ads Library by CloudSEK's investigators. The report also highlighted the use of typosquatting techniques to create phony-but-plausible domains that trick users into believing they are legitimate websites, by exploiting common typing errors or misspellings of popular domain names. As fraudsters are increasingly misusing AI and deepfake technologies to their advantage, we expect even more of these dangers to surface this year over the festive season.
CyberPeace Advisory
It is important that netizens exercise caution, especially during the festive period and follow cyber safety practices to avoid cybercrimes and phishing attempts. Some of the cyber hygiene best practices suggested by CyberPeace are as follows:
- Netizens must verify the sender’s email, address, and domain with the official site for the brand/ entity the sender claims to be affiliated with.
- Netizens must avoid clicking links received through email, messages or shared on social media and consider visiting the official website directly.
- Beware of urgent, time-sensitive offers pressuring immediate action.
- Spot phishing signs like spelling errors and suspicious URLs to avoid typosquatting tactics used by cybercriminals.
- Netizens must enable two-factor authentication (2FA) for an additional layer of security.
- Have authenticated antivirus software and malware detection software installed on your devices.
- Be wary of unsolicited festive deals, gifts and offers.
- Stay informed on common tactics used by cybercriminals to launch phishing attacks and recognise the red flags of any phishing attempts.
- To report cybercrimes, file a complaint at cybercrime.gov.in or helpline number 1930. You can also seek assistance from the CyberPeace helpline at +91 9570000066.
References
- https://www.outlookmoney.com/plan/financial-plan/this-diwali-beware-of-these-financial-scams
- https://www.businesstoday.in/technology/news/story/diwali-and-pooja-domains-being-exploited-by-online-scams-see-tips-to-help-you-stay-safe-405323-2023-11-10
- https://www.abplive.com/states/bihar/bihar-crime-news-15-cyber-fraud-arrested-in-nawada-before-diwali-2024-ann-2805088
- https://economictimes.indiatimes.com/tech/technology/phishing-you-a-happy-diwali-ai-advancements-pave-way-for-cybercriminals/articleshow/113966675.cms?from=mdr