#FactCheck

Executive Summary:

The picture that went viral with the false story that Dhoni was supporting the Congress party, actually shows his joy over Chennai Super Kings' victory in the achievement of 6 million followers on X (formerly known as Twitter) in 2020. Dhoni's gesture was misinterpreted by many, which resulted in the spread of false information. The Research team of CyberPeace did an in-depth investigation of the photo's roots and confirmed its authenticity through a reverse image search, highlighting how news outlets and CSK's official social media channels shared it. The case illustrates the value of fact verification and the role of real information in preventing the fake news epidemic.

Claims:

An image of former Indian Cricket captain Mahendra Singh Dhoni, showed him urging people to vote for the Congress party,  wearing the Chennai Super Kings (CSK) jersey and showing his right palm visible and gesturing the number 'one' with his left index finger. In reality he is celebrating Chennai Super Kings' milestone achievement on X (formerly Twitter) in 2020. Many people are sharing the misinterpretation knowingly or unknowingly over social media platforms.

Fact Check:

After receiving the post, we ran a reverse image search of the image and found a news article published by NDTV. According to the news outlet, Dhoni and his teammates were celebrating CSK's milestone of reaching six million followers on X (formerly known as Twitter) in the photos.

‍

In the image it is written as a tweet of @chennaiipl, to get an idea we dig into the official account of Chennai Super Kings on X (formerly known as Twitter). And Voila! we found the exact post which surfaced on the X (formerly known as Twitter) on 5th October 2020.

Additionally, we found a video posted on the X (formerly known as Twitter) handle of CSK, featuring other cricketers celebrating the Six Million Followers milestone for which they are thanking the audience for their support. Again, it was posted on Oct 05, 2020. The caption of the video is written as “Chennai Super #SixerOnTwitter! A big thanks to all the super fans for each and every bouquet and brickbat throughout the last decade. All the #yellove to you. #WhistlePodu”

‍

Therefore it is easy to conclude that the viral image of MS Dhoni supporting Congress is wrong and misleading.

Conclusion:

The information that circulated online media regarding a picture of Mahendra Singh Dhoni supporting the Congress Party has been proven to be untrue. The actual photograph was of Dhoni congratulating the Chennai Super Kings for having six million followers on social media in the year 2020. This highlights the need for checking the facts of any news circulating online.

• Claim: A photo allegedly depicting former Indian cricket captain Mahendra Singh Dhoni encouraging people to support the Congress party in elections surfaced online.
• Claimed on: X (Formerly known as Twitter) 
• Fact Check: Fake & Misleading

Executive Summary

The viral video, in which south actor Allu Arjun is seen supporting the Congress Party's campaign for the upcoming Lok Sabha Election, suggests that he has joined Congress Party. Over the course of an investigation, the CyberPeace Research Team uncovered that the video is a close up of Allu Arjun marching as the Grand Marshal of the 2022 India Day parade in New York to celebrate India’s 75th Independence Day. Reverse image searches, Allu Arjun's official YouTube channel, the news coverage, and stock images websites are also proofs of this fact. Thus, it has been firmly established that the claim that Allu Arjun is in a Congress Party's campaign is fabricated and misleading

‍

Claims:

The viral video alleges that the south actor Allu Arjun is using his popularity and star status as a way of campaigning for the Congress party during the 2024 upcoming Lok Sabha elections.

‍

Fact Check:

Initially, after hearing the news, we conducted a quick search using keywords to relate it to actor Allu Arjun joining the Congress Party but came across nothing related to this. However, we found a video by SoSouth posted on Feb 20, 2022, of Allu Arjun’s Father-in-law Kancharla Chandrasekhar Reddy joining congress and quitting former chief minister K Chandrasekhar Rao's party. 

Next, we segmented the video into keyframes, and then reverse searched one of the images which led us to the Federation of Indian Association website. It says that the picture is from the 2022 India Parade. The picture looks similar to the viral video, and we can compare the two to help us determine if they are from the same event.

‍

Taking a cue from this, we again performed a keyword search using “India Day Parade 2022”. We found a video uploaded on the official Allu Arjun YouTube channel, and it’s the same video that has been shared on Social Media in recent times with different context. The caption of the original video reads, “Icon Star Allu Arjun as Grand Marshal @ 40th India Day Parade in New York | Highlights | #IndiaAt75”

‍

The Reverse Image search results in some more evidence of the real fact, we found the image on Shutterstock, the description of the photo reads, “NYC India Day Parade, New York, NY, United States - 21 Aug 2022 Parade Grand Marshall Actor Allu Arjun is seen on a float during the annual Indian Day Parade on Madison Avenue in New York City on August 21, 2022.”

‍

With this, we concluded that the Claim made in the viral video of Allu Arjun supporting the Lok Sabha Election campaign 2024 is baseless and false.

Conclusion:

The viral video circulating on social media has been put out of context. The clip, which depicts Allu Arjun's participation in the Indian Day parade in 2022, is not related to the ongoing election campaigns for any Political Party.

Hence, the assertion that Allu Arjun is campaigning for the Congress party is false and misleading.

• Claim: A video, which has gone viral, says that actor Allu Arjun is rallying for the Congress party.
• Claimed on: X (Formerly known as Twitter) and YouTube
• Fact Check: Fake & Misleading

‍

Executive Summary:

A manipulated image showing someone making an offensive gesture towards Prime Minister Narendra Modi is circulating on social media. However, the original photo does not display any such behavior towards the Prime Minister. The CyberPeace Research Team conducted an analysis and found that the genuine image was published in a Hindustan Times article in May 2019, where no rude gesture was visible. A comparison of the viral and authentic images clearly shows the manipulation. Moreover, The Hitavada also published the same image in 2019. Further investigation revealed that ABPLive also had the image.

Claims:

A picture showing an individual making a derogatory gesture towards Prime Minister Narendra Modi is being widely shared across social media platforms.

‍

Fact Check:

Upon receiving the news, we immediately ran a reverse search of the image and found an article by Hindustan Times, where a similar photo was posted but there was no sign of such obscene gestures shown towards PM Modi.

ABP Live and The Hitavada also have the same image published on their website in May 2019. 

‍

Comparing both the viral photo and the photo found on official news websites, we found that almost everything resembles each other except the derogatory sign claimed in the viral image.

With this, we have found that someone took the original image, published in May 2019, and edited it with a disrespectful hand gesture, and which has recently gone viral across social media and has no connection with reality.

Conclusion:

In conclusion, a manipulated picture circulating online showing someone making a rude gesture towards Prime Minister Narendra Modi has been debunked by the Cyberpeace Research team. The viral image is just an edited version of the original image published in 2019. This demonstrates the need for all social media users to check/ verify the information and facts before sharing, to prevent the spread of fake content. Hence the viral image is fake and Misleading.

• Claim: A picture shows someone making a rude gesture towards Prime Minister Narendra Modi
• Claimed on: X, Instagram
• Fact Check: Fake & Misleading

‍

Executive Summary

A viral video allegedly featuring cricketer Virat Kohli endorsing a betting app named ‘Aviator’ is being shared widely across the social platform. CyberPeace Research Team’s Investigations revealed that the same has been made using the deepfake technology. In the viral video, we found some potential anomalies that can be said to have been created using Synthetic Media, also no genuine celebrity endorsements for the app exist, we have also previously debunked such Deep Fake videos of cricketer Virat Kohli regarding the misuse of deep fake technology. The spread of such content underscores the need for social media platforms to implement robust measures to combat online scams and misinformation.

‍

‍

Claims:

The claim made is that a video circulating on social media depicts Indian cricketer Virat Kohli endorsing a betting app called "Aviator." The video features an Indian News channel named India TV, where the journalist reportedly endorses the betting app followed by Virat Kohli's experience with the betting app.

‍

‍

   Post link

Fact Check:

Upon receiving the news, we thoroughly watched the video and found some featured anomalies that are usually found in regular deep fake videos such as the lip sync of the journalist is not proper, and if we see it carefully the lips do not match with the audio that we can hear in the Video. It’s the same case when Virat Kohli Speaks in the video.

‍

We then divided the video into keyframes and reverse searched one of the frames from the Kohli’s part, we found a video similar to the one spread, where we could see Virat Kohli wearing the same brown jacket in that video, uploaded on his verified Instagram handle which is an ad promotion in collaboration with American Tourister. 

‍

‍

Post link

After going through the entire video, it is evident that Virat Kohli is not endorsing any betting app, rather he is talking about an ad promotion collaborating with American Tourister. 

We then did some keyword searches to see if India TV had published any news as claimed in the Viral Video, but we didn’t find any credible source.

Therefore, upon noticing the major anomalies in the video and doing further analysis found that the video was created using Synthetic Media, it's a fake and misleading one.

Conclusion:

The video of Virat Kohli promoting a betting app is fake and does not actually feature the celebrity endorsing the app. This brings up many concerns regarding how Artificial Intelligence is being used for fraudulent activities. Social media platforms need to take action against the spread of fake videos like these.

Claim: Video surfacing on social media shows Indian cricket star Virat Kohli promoting a betting application known as "Aviator."

Claimed on: Facebook

Fact Check: Fake & Misleading

‍

Executive Summary:

A picture about the April 8 solar eclipse, which was authored by AI and was not a real picture of the astronomical event, has been spreading on social media.  Despite all the claims of the authenticity of the image, the CyberPeace’s analysis showed that the image was made using Artificial Intelligence image-creation algorithms. The total solar eclipse on April 8 was observable only in those places on the North American continent that were located in the path of totality, whereas a partial visibility in other places was possible. NASA made the eclipse live broadcast for people who were out of the totality path. The spread of false information about rare celestial occurrences, among others, necessitates relying on trustworthy sources like NASA for correct information.

Claims:

An image making the rounds through social networks, looks like the eclipse of the sun of the 8th of April, which makes it look like a real photograph.

‍

Fact Check:

After receiving the news, the first thing we did was to try with Keyword Search to find if NASA had posted any lookalike image related to the viral photo or any celestial events that might have caused this photo to be taken, on their official social media accounts or website. The total eclipse on April 8 was experienced by certain parts of North America that were located in the eclipse pathway. A part of the sky above Mazatlan, Mexico, was the first to witness it. Partial eclipse was also visible for those who were not in the path of totality. 

Next, we ran the image through the AI Image detection tool by Hive moderation, which found it to be 99.2% AI-generated.

‍

Following that, we applied another AI Image detection tool called Isitai, and it found the image to be 96.16% AI-generated.

‍

With the help of AI detection tools, we came to the conclusion that the claims made by different social media users are fake and misleading. The viral image is AI-generated and not a real photograph.

Conclusion:

Hence, it is a generated image by AI that has been circulated on the internet as a real eclipse photo on April 8. In spite of some debatable claims to the contrary, the study showed that the photo was created using an artificial intelligence algorithm. The total eclipse was not visible everywhere in North America, but rather only in a certain part along the eclipse path, with partial visibility elsewhere. Through AI detection tools, we were able to establish a definite fact that the image is fake. It is very important, when you are talking about rare celestial phenomena, to use the information that is provided by the trusted sources like NASA for the accurate reason.

• Claim:  A viral image of a solar eclipse claiming to be a real photograph of the celestial event on April 08
• Claimed on: X, Facebook, Instagram, website
• Fact Check: Fake & Misleading

‍

Executive Summary

A misleading  advertisement circulating in social media providing attractive offers like iPhone15, AirPods and Smartwatches from the Indian e-commerce platform ‘Myntra’. This “Myntra - Festival Gifts” scam aims to attract the unsuspecting users into a series of redirects and fake interactions to compromise their personal information and devices. It is important to stay vigilant to protect ourselves from misleading attractive offers. Through this report, the Research Wing of CyberPeace explains about a series of processes that happens when the link gets clicked. Through this knowledge, we aim to provide awareness and empower the users to guard themselves and not fall into deceptive offers that aim to scam them.   

False Claim

The widely shared WhatsApp message claims that Myntra  is offering a wide range of high-valued prizes including the latest iPhone 15, AirPods, various smartwatches among all as a Festival Gift promotion. The campaign invites the users to click on the link provided and take a short quiz to be eligible for the prize.

‍

The Deceptive Scheme

• The link in the social media post is tailored to work only on mobile devices, users are taken through a chain of redirects.
• Users are greeted with the Myntra's "Big Fashion Festival" branding accompanied by Myntra’s logo once they reach the landing page, which gives an impression of authenticity.
• Next, a simple quiz asks basic questions about the user's shopping experience with Myntra, their age, and gender.
• On the bottom of the quiz, there is a comment section that shows the comments from users who are supposedly provided with the prizes to look real,  
• After the completion of the quiz, users are presented with a Spin-to-Win mechanism, to win the prize. 
• After winning, a congratulatory message is displayed which says that the user has won an iPhone 15.
• The final step requires the user to share the campaign over WhatsApp in order to claim the prize.

 Analyzing the Fraudulent Campaign 

• The use of Myntra's branding and the promise of exclusive, high-value prizes are designed to attract  users' interest.
• The fake comments and social proof elements aim to create a false sense of legitimacy and widespread participation, making the offer seem more credible.
• The series of redirects, quizzes, and Spin-to-Win mechanics are tactics to keep users engaged and increase the likelihood of them falling for the scam.
• The final step of sharing the post on WhatsApp is a way for the scammers to further spread the campaign and compromise more victims. Through sharing the link over WhatsApp, users become unaware accomplices that are simply assisting the scammers to reach an even bigger audience and hence their popularity.

• The primary objectives of such scams are to gather users' personal information and potentially gain access to their devices. By luring users with the promise of exclusive gifts and creating a false sense of legitimacy, the scammers aim to exploit user trust and compromise their data, leading to potential identity theft, financial fraud, or the installation of potentially unwanted softwares.
• We have also cross-checked and as of now there is no well established and credible source or any official notification that has confirmed such an offer advertised by Myntra.
• Domain Analysis: If we closely look at the viral message, it is clearly visible that the scammers mentioned myntra.com in the url. However, the actual url takes the user to a different domain as the campaign is hosted on a third party domain instead of the official Website of Myntra, this raised suspicion. This is the common way to deceive users into falling for a Phishing scam. Whois information reveals that the domain has been registered not long ago i.e on 8th April 2024, just a few days back. Cybercriminals used Cloudflare technology to mask the actual IP address of the fraudulent website.

• Domain Name: MYTNRA.CYOU
• Registry Domain ID: D445770144-CNIC
• Registrar WHOIS Server: whois.hkdns.hk
• Registrar URL: http://www.hkdns.hk
• Updated Date: 2024-04-08T03:27:58.0Z
• Creation Date: 2024-04-08T02:58:14.0Z
• Registry Expiry Date: 2025-04-08T23:59:59.0Z
• Registrar: West263 International Limited
• Registrant State/Province: Delhi
• Registrant Country: IN
• Name Server: NORMAN.NS.CLOUDFLARE.COM
• Name Server: PAM.NS.CLOUDFLARE.COM

‍CyberPeace Advisory and Best Practices‍

• Do not open those messages received from social platforms in which you think that such messages are suspicious or unsolicited. In the beginning, your own discretion can become your best weapon.
• Falling prey to such scams could compromise your entire system, potentially granting unauthorized access to your microphone, camera, text messages, contacts, pictures, videos, banking applications, and more. Keep your cyber world safe against any attacks.
• Never, in any case, reveal such sensitive data as your login credentials and banking details to entities you haven't validated as reliable ones.
• Before sharing any content or clicking on links within messages, always verify the legitimacy of the source. Protect not only yourself but also those in your digital circle.
• For the sake of the truthfulness of offers and messages, find the official sources and companies directly. Verify the authenticity of alluring offers before taking any action.

Conclusion:

The “Myntra - Festival Gift” scam is a kind of manipulation in which the fraudsters exploit the trust of the users and take advantage of a popular e-commerce website. It is equally crucial to equip the users by imparting them knowledge on fraudulent behavior tactics like impersonating brands, creating fake social proof and application of different engagement strategies. We are required to remain alert and stand firm against cyber attacks. Be careful, make sure that information is verified and share awareness to help make a safe online environment for all users.

‍

Executive Summary:

In the digital world, people are becoming targets more and more of online scams, which rely on deception. One of the ways the social media is being used for the elections in recent time, is the "BJP - Election Bonus" offer that promises a cash prize of Rs. 5000 or more, through some easy questionnaire. This article provides the details of this swindle and reveals its deceptive tricks as well as gives a set of recommendations on how to protect yourself from such online fraud, especially during the upcoming elections.

False Claim:

The "BJP - Election Bonus" campaign boasts that by taking a few clicks of the mouse, users will get a cash prize. This scheme is nothing but a fake association with the Bharatiya Janata Party (BJP)’s Government and Prime Minister Shri Narendra Modi and therefore, it uses the images and brands of both of them to give the scheme an impression of legitimacy. The imposters are taking advantage of the public's trust for the Government and the widespread desire for remuneration to ensnare the unaware victims, specifically before the upcoming Lok Sabha elections.

‍

The Deceptive Scheme:

• Tempting Social Media Offer: The fraud begins with an attractive link on the social media platforms. The scammers say that the proposal is related to the Bharatiya Janata Party (BJP) with the caption of “The official party has prepared many gifts for their supporters.” accompanied by an image of  the Prime Minister Shri Narendra Modi.

• Luring with Money: The offer promises to give Rs.5,000 or more. This is aimed at drawing in people specifically during election campaigns; and people’s desire for financial gain.

• Tricking with Questions: When the link is clicked, the person is brought to the page with the simple questions. The purpose of these questions is to make people feel safe and believe that they have been selected for an actual government’s program.

• The Open-the-Box Trap: Finally, the questions are answered and the last instruction is to open-the-box for the prize. However, this is just a tactic for them to make you curious about the reward.

• Fake Reward and Spreading the Scam: Upon opening the box, the recipient will be greeted with the text of Rs. 5000. However, this is not true; it is just a way to make them share the link on WhatsApp, helping the scammers to reach more victims.

The fraudsters use political party names and the Prime Minister's name to increase the plausibility of it, although there is no real connection. They employ the people's desire for monetary help, and also the time of the elections, making them susceptible to their tricks.

Analytical Breakdown:

• The campaign is a cleverly-created scheme to lure people by misusing the trust they have in the Government. By using BJP's branding and the Prime Minister's photo, fraudsters aim to make their misleading offer look credible. Fake reviews and cash reward are the two main components of the scheme that are intended to lure users into getting involved, and the end result of this is the path of deception.
• Through sharing the link over WhatsApp, users become unaware accomplices that are simply assisting the scammers to reach an even bigger audience and hence their popularity, especially with the elections around the corner.
• On top of this, the time of committing this fraud is very disturbing, as the election is just round the corner. Scammers do this in the context of the political turmoil and the spread of unconfirmed rumors and speculation about the upcoming elections in the same way they did earlier. The fraudsters are using this strategy to take advantage of the political affiliations by linking their scam to the Political party and their Leaderships.

• We have also cross-checked and as of now there is no well established and credible source or any official notification that has confirmed such an offer advertised by the Party.

• Domain Analysis: The campaign is hosted on a third party domain, which is different from the official website, thus creating doubts. Whois information reveals that the domain has been registered not long ago. The domain was registered on 29th march 2024, just a few days back.   

• Domain Name: PSURVEY[.]CYOU
• Registry Domain ID: D443702580-CNIC
• Registrar WHOIS Server: whois.hkdns.hk
• Registrar URL: http://www.hkdns.hk
• Updated Date: 2024-03-29T16:18:00.0Z
• Creation Date: 2024-03-29T15:59:17.0Z (Recently Created)
• Registry Expiry Date: 2025-03-29T23:59:59.0Z
• Registrant State/Province: Anhui
• Registrant Country: CN (China)
• Name Server: NORMAN.NS.CLOUDFLARE.COM
• Name Server: PAM.NS.CLOUDFLARE.COM

Note: Cybercriminals used Cloudflare technology to mask the actual IP address of the fraudulent website.

CyberPeace Advisory and Best Practices:

• Be careful and watchful for any offers that seem too good to be true online, particularly during election periods. Exercise caution at a high level when you come across such offers, because they are usually accompanied by dishonest schemes.

• Carefully cross-check the authenticity of every campaign or offer you’re considering before interacting with it. Do not click on suspicious links and do not share private data that can be further used to run the scam.

• If you come across any such suspicious activity or if you feel you have been scammed, report it to the relevant authorities, such as the local police or the cybercrime section. Reporting is one of the most effective instruments to prevent the spread of these misleading schemes and it can support the course of the investigations.

• Educate yourselves and your families on the usual scammers’ tricks, including their election-related strategies. Prompt people to think critically and a good deal of skepticism when they meet online offers and promotions that evoke a possibility to obtain money or rewards easily.

• Ensure that you are always on a high level of alert as you explore the digital field, especially during elections. The authenticity of the information you encounter should always be verified before you act on it or pass it over to someone else.

• In case you have any doubt or worry regarding a certain e-commerce offer or campaign, don’t hesitate to ask for help from reliable sources such as Cybersecurity experts or Government agencies. A consultation with credible sources will assist you in coming up with informed decisions and guarding yourself against being navigated by these schemes.

Conclusion:

The "BJP - Election Bonus" campaign is a real case study of how Internet fraud is becoming more popular day by day, particularly before the elections. Through the awareness of the tactics employed by these scammers and their abuse of the community's trust in the Government and political figures, we can equip ourselves and our communities to avert becoming the victim of such fraudulent schemes. As a team, we can collectively strive for a digital environment free of threats and breaches of security, even in times of high political tension that accompany elections.

‍

Executive Summary:

This report deals with a recent cyberthreat that took the form of a fake message carrying a title of India Post which is one of the country’s top postal services. The scam alerts recipients to the failure of a delivery due to incomplete address information and requests that they click on a link (http://iydc[.]in/u/5c0c5939f) to confirm their address. Privacy of the victims is compromised as they are led through a deceitful process, thereby putting their data at risk and compromising their security. It is highly recommended that users exercise caution and should not click on suspicious hyperlinks or messages.

False Claim:

The fraudsters send an SMS stating the status of delivery of an India Mail package which could not be delivered due to incomplete address information. They provide a deadline of 12 hours for recipients to confirm their address by clicking on the given link (http://iydc[.]in/u/5c0c5939f). This misleading message seeks to fool people into disclosing personal information or compromising the security of their device. 

‍

‍

The Deceptive Journey:

• First Contact: The SMS is sent and is claimed to be from India Post, informs users that due to incomplete address information the package could not be delivered.

• Recipients are then expected to take action by clicking on the given link (http://iydc[.]in/u/5c0c5939f) to update the address. The message creates a panic within the recipient as they have only 12 hours to confirm their address on the suspicious link.

• Click the Link: Inquiring or worried recipients click on the link.

• User Data: When the link is clicked, it is suspected to  launch possible remote scripts in the background and collect personal information from users.

• Device Compromise: Occasionally, the website might also try to infect the device with malware or take advantage of security flaws.

The Analysis:

• Phishing Technique: The scam allures its victims with a phishing technique and poses itself as the India Post Team, telling the recipients to click on a suspicious link to confirm the address as the delivery package can’t be delivered due to incomplete address. 
• Fake Website Creation: Victims are redirected to a fraudulent website when they click on the link (http://iydc[.]in/u/5c0c5939f) to update their address.
• Background Scripts: Scripts performing malicious operations such as stealing the visitor information, distributing viruses are suspected to be running in the background. This script can make use of any vulnerability in the device/browser of the user to extract more info or harm the system security.
• Risk of Data Theft: This type of fraud has the potential to steal the data involved because it lures the victims into giving their personal details by creating fake urgency. The threat actors  can use it for various illegal purposes such as financial fraud, identity theft and other criminal purposes in future.
• Domain Analysis: The iydc.in domain was registered on the 5th of April, 2024, just a short time ago. Most of the fraud domains that are put up quickly and utilized in criminal activities are usually registered in a short time.
• Registrar: GoDaddy.com, LLC, a reputable registrar, through which  the domain is registered. 
• DNS: Chase.ns.cloudflare.com and delilah.ns.cloudflare.com are the name servers used by Cloudflare to manage domain name resolution. 
• Registrant: Apart from the fact that it is in Thailand, not much is known about the registrant probably because of using the privacy reduction plugins. 

• Domain Name: iydc.in
• Registry Domain ID: DB3669B210FB24236BF5CF33E4FEA57E9-IN
• Registrar URL: www.godaddy.com
• Registrar: GoDaddy.com, LLC
• Registrar IANA ID: 146
• Updated Date: 2024-04-10T02:37:06Z
• Creation Date: 2024-04-05T02:37:05Z (Registered in very recent time)
• Registry Expiry Date: 2025-04-05T02:37:05Z
• Registrant State/Province: errww
• Registrant Country: TH (Thailand)
• Name Server: delilah.ns.cloudflare.com
• Name Server: chase.ns.cloudflare.com

Note: Cybercriminals used Cloudflare technology to mask the actual IP address of the fraudulent website.

CyberPeace Advisory:

• Do not open the messages received from social platforms in which you think that such messages are suspicious or unsolicited. In the beginning, your own discretion can become your best weapon.
• Falling prey to such scams could compromise your entire system, potentially granting unauthorized access to your microphone, camera, text messages, contacts, pictures, videos, banking applications, and more. Keep your cyber world safe against any attacks.
• Never reveal sensitive data such as your login credentials and banking details to entities where you haven't validated as reliable ones.
• Before sharing any content or clicking on links within messages, always verify the legitimacy of the source. Protect not only yourself but also those in your digital circle.
• Verify the authenticity of alluring offers before taking any action.
  

Conclusion:

The India Post delivery scam is an example of fraudulent activity that uses the name of trusted postal services to trick people. The campaign is initiated by using deceptive texts and fake websites that will trick the recipients into giving out their personal information which can later be used for identity theft, financial losses or device security compromise. Technical analysis shows the sophisticated tactics used by fraudsters through various techniques such as phishing, data harvesting scripts and the creation of fraudulent domains with less registration history etc.  While encountering such messages, it's important to verify their authenticity from official sources and take proactive measures to protect both your personal information and devices from cyber threats. People can reduce the risk of falling for online scams by staying informed and following cybersecurity best practices.

‍

Executive Summary:

The picture of a boy making sand art of Indian Cricketer Virat Kohli spreading in social media, claims to be false. The picture which was portrayed, revealed not to be a real sand art. The analyses using AI technology like 'Hive' and ‘Content at scale AI detection’ confirms that the images are entirely generated by artificial intelligence. The netizens are sharing these pictures in social media without knowing  that it is computer generated by deep fake techniques. 

‍

‍

Claims:

The collage of  beautiful pictures displays a young boy creating sand art of Indian Cricketer Virat Kohli.

‍

Post link

‍

‍

Post link

‍

‍

Post link

‍

‍

          Post link

‍

Fact Check:

When we checked on the posts, we found some anomalies in each photo. Those anomalies are common in AI-generated images.

‍

The anomalies such as the abnormal shape of the child’s feet, blended logo with sand color in the second image, and the wrong spelling ‘spoot’ instead of ‘sport’n were seen in the picture. The cricket bat is straight which in the case of sand made portrait it’s odd. In the left hand of the child, there’s a tattoo imprinted while in other photos the child's left hand has no tattoo. Additionally, the face of the boy in the second image does not match the face in other images. These made us more suspicious of the images being a synthetic media. 

‍

We then checked on an AI-generated image detection tool named, ‘Hive’. Hive was found to be 99.99% AI-generated. We then checked from another detection tool named, “Content at scale”

‍

‍

Hence, we conclude that the viral collage of images is AI-generated but not sand art of any child. The Claim made is false and misleading.

‍

Conclusion:

In conclusion, the claim that the pictures showing a sand art image of Indian cricket star Virat Kohli made by a child is false. Using an AI technology detection tool and analyzing the photos, it appears that they were probably created by an AI image-generated tool rather than by a real sand artist. Therefore, the images do not accurately represent the alleged claim and creator.

‍

Claim:  A young boy has created sand art of Indian Cricketer Virat Kohli

‍

Claimed on: X, Facebook, Instagram

‍

Fact Check: Fake & Misleading

‍

Executive Summary:

In the context of the recent earthquake in Taiwan, a video has gone viral and is being spread on social media claiming that the video was taken during the recent earthquake that occurred in Taiwan. However, fact checking reveals it to be an old video. The video is from September 2022, when Taiwan had another earthquake of magnitude 7.2. It is clear that the reversed image search and comparison with old videos has established the fact that the viral video is from the 2022 earthquake and not the recent 2024-event. Several news outlets had covered the 2022 incident, mentioning additional confirmation of the video's origin. 

Claims:

There is a news circulating on social media about the earthquake in Taiwan and Japan recently. There is a post on “X” stating that, 

“BREAKING NEWS :

Horrific #earthquake of  7.4 magnitude hit #Taiwan and #Japan. There is an alert that  #Tsunami might hit them soon”. 

‍

Similar Posts:

Fact Check:

We started our investigation by watching the videos thoroughly. We divided the video into frames. Subsequently, we performed reverse search on the images and it took us to an X (formally Twitter) post where a user posted the same viral video on Sept 18, 2022. Worth to notice, the post has the caption- 

“#Tsunami warnings issued after Taiwan quake. #Taiwan #Earthquake #TaiwanEarthquake”

‍

  The same viral video was posted on several news media in September 2022. 

The viral video was also shared on September 18, 2022 on NDTV News channel as shown below.

Conclusion:

To conclude, the viral video that claims to depict the 2024 Taiwan earthquake was from September 2022.  In the course of the rigorous inspection of the old proof and the new evidence, it has become clear that the video does not refer to the recent earthquake that took place as stated. Hence, the recent viral video is misleading . It is important to validate the information before sharing it on social media to prevent the spread of misinformation. 

Claim: Video circulating on social media captures the recent 2024 earthquake in Taiwan.

Claimed on: X, Facebook, YouTube

Fact Check: Fake & Misleading, the video actually refers to an incident from 2022.

‍

Executive Summary:

A photo circulating on the web that claims to show the future design of the Bhabha Atomic Research Center, BARC building, has been found to be fake after fact checking has been done. Nevertheless, there is no official notice or confirmation from BARC on its website or social media handles. Through the AI Content Detection tool, we have discovered that the image is a fake as it was generated by an AI. In short, the viral picture is not the authentic architectural plans drawn up for the BARC building.

Claims:

A photo allegedly representing the new outlook of the Bhabha Atomic Research Center (BARC) building is reigning over social media platforms.

Fact Check:

To begin our investigation, we surfed the BARC's official website to check out their tender and NITs notifications to inquire for new constructions or renovations.

It was a pity that there was no corresponding information on what was being claimed.

Then, we hopped on their official social media pages and searched for any latest updates on an innovative building construction, if any. We looked on Facebook, Instagram and X . Again, there was no information about the supposed blueprint. To validate the fact that the viral image could be generated by AI, we gave a search on an AI Content Detection tool by Hive that is called ‘AI Classifier’. The tool's analysis was in congruence with the image being an AI-generated computer-made one with 100% accuracy.

To be sure, we also used another AI-image detection tool called, “isitai?” and it turned out to be 98.74% AI generated.

Conclusion:

To conclude, the statement about the image being the new BARC building is fake and misleading. A detailed investigation, examining BARC's authorities and utilizing AI detection tools, proved that the picture is more probable an AI-generated one than an original architectural design. BARC has not given any information nor announced anything for such a plan. This makes the statement untrustworthy since there is no credible source to support it.

Claim: Many social media users claim to show the new design of the BARC building.

Claimed on: X, Facebook

Fact Check: Misleading

‍

Executive Summary:

This report discloses a new cyber threat contributing to the list of threats targeting internet users in the name of "Aarong Ramadan Gifts". The fraudsters are imitating the popular Bangladeshi brand Aarong, which is known for its Bengali ethnic wear and handicrafts, and allure the victims with the offer of exclusive gifts for Ramadan. The moment when users click on the link, they are taken through a fictitious path of quizzes, gift boxes, and social proof, that simply could damage their personal information and system devices. Through knowing how this is done we can educate users to take caution and stop themselves from falling into cyber threats.

False Claim:

The false message accompanied by a link on social media, claims that Aarong, one of the most respected brands in Bangladesh for their exquisite ethnic wear and handicrafts, is providing Ramadan gifts exclusively through online promotion. And while that may be the facade of the scam, its real aim is to lead users to click on harmful links that may end up in their personal data and devices being compromised.

‍

The Deceptive Journey:

• The Landing page starts with a salutation and a catchy photo of Aarong store, and later moves ahead encouraging the visitors to take a part of a  short quiz to claim the gift. This is designed for the purpose of creating a false image of authenticity and trustworthiness.
• A certain area at the end of the page looks like a social media comment section, and users are posting the positive impacts the claim has on them. This is one of the techniques to build the image of a solid base of support and many partakers.
• The quiz starts with a few easy questions on how much the user knows about Aarong and their demographics. This data is vital in the development of more complex threats and can be used to address specific targets in the future.
• After the user hits the OK button, the screen displays a matrix of the Gift boxes, and the user then needs to make at least 3 attempts to  attain the reward. This is a commonly used approach which allows the scammer to keep users engaged longer and increases the chances of making them comply with the fraudulent scheme.
• The user is instructed to share the campaign on WhatsApp from this point of the campaign, and the user must keep clicking the WhatsApp button until the progress bar is complete. This is a way to both expand and perpetuate the scam, affecting many more users.
• After completing the steps, the user is shown instructions on how to claim the prize.

The Analysis:

• The home page and quiz are structured to maintain a false impression of genuineness and proficiency, thus allowing the victims to partake in the fraudulent design. The compulsion to forward the message in WhatsApp is the way they inspire more and more users and eventually get into the scam.
• The final purpose of the scam could be to obtain personal data from the user and eventually enter their devices, which could lead to a higher risk of cyber threats, such as identity theft, financial theft, or malware installation.
• We have also cross-checked and as of now there is no well established and credible source or any official notification that has confirmed such an offer advertised by Aarong.
• The campaign is hosted on a third party domain instead of the official Website, this raised suspicion. Also the domain has been registered recently.
• The intercepted request revealed a connection to a China-linked analytical service, Baidu in the backend.

‍

• Domain Name: apronicon.top
• Registry Domain ID: D20231130G10001G_13716168-top
• Registrar WHOIS Server: whois.west263[.]com
• Registrar URL: www.west263[.]com
• Updated Date: 2024-02-28T07:21:18Z
• Creation Date: 2023-11-30T03:27:17Z  (Recently created)
• Registry Expiry Date: 2024-11-30T03:27:17Z
• Registrar: Chengdu west dimension digital
• Registrant State/Province: Hei Long Jiang
• Registrant Country: CN (China)
• Name Server: amos.ns.cloudflare[.]com
• Name Server: zara.ns.cloudflare[.]com

Note: Cybercriminal used Cloudflare technology to mask the actual IP address of the fraudulent website.

CyberPeace Advisory:

• Do not open those messages received from social platforms in which you think that such messages are suspicious or unsolicited. In the beginning, your own discretion can become your best weapon.
• Falling prey to such scams could compromise your entire system, potentially granting unauthorized access to your microphone, camera, text messages, contacts, pictures, videos, banking applications, and more. Keep your cyber world safe against any attacks.
• Never, in any case, reveal such sensitive data as your login credentials and banking details to entities you haven't validated as reliable ones.
• Before sharing any content or clicking on links within messages, always verify the legitimacy of the source. Protect not only yourself but also those in your digital circle.
• For the sake of the truthfulness of offers and messages, find the official sources and companies directly. Verify the authenticity of alluring offers before taking any action.

Conclusion:

Aarong Ramadan Gift scam is a fraudulent act that takes advantage of the victims' loyalty to a reputable brand. The realization of the mechanism used to make the campaign look real, can actually help us become more conscious and take measures to our community not to be inattentive against cyberthreats. Be aware, check the credibility, and spread awareness to others wherever you can, to contribute in building a security conscious digital space.

‍