© 2023 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Scammers prey on Indian users posting complaints on social media

Clients of the Indian Railways, online shopping platform Flipkart, and multiple Indian banks targeted in "a new wave of financial fraud."

The new scam targets Indian citizens leaving complaint posts on social media accounts belonging to various local companies, according to Cyble Research and Intelligence Labs (CRIL).

Scammers monitor Twitter and other social media platforms for customers looking for refunds over issues they might have experienced with services provided by companies like the Indian Railway Catering and Tourism Corporation.

According to researchers, cybercriminals would initiate a scam upon finding a victim's contact information.

"When users report complaints on social media, scammers take advantage of the opportunity to carry out phishing attacks by asking them to download malicious files to file their complaints and steal their funds from bank accounts," CRIL said.

In addition to the IRCTC, users of other popular Indian brands and organizations, including e-commerce platform Flipkart, payment service provider MobiKwik, budget airline Spicejet, and various banks, were targeted.

In one example, a user was contacted by someone impersonating the IRCTC customer support representative after posting a complaint on the company's Twitter account.

Example of phishing attack. Image by Cyble

While the user refused to provide their details to the scammer in this case, fraudsters would use different techniques to defraud victims, CRIL said.

For instance, scammers might seek to link a victim's mobile number or account through the Unified Payments Interface (UPI), send a Google form to collect sensitive information or forward a WhatsApp link to a malicious website.

"Scammers have been using Android malware in addition to other fraudulent tactics. They may send a phishing link that downloads a malicious APK file to infect the device, or they may send the malicious file via WhatsApp," CRIL said.

Scammers use malicious APK files with names like "IRCTC customer.apk," "online complaint.apk," or "complaint register.apk" to trick victims into revealing their banking credentials, the researchers said.

They also seek to obtain the victim's UPI details, credit/debit card information, and even their one-time passwords used for two-factor authentication.

One phishing website that CRIL came across included a fake customer support site that would ask victims to enter basic information such as name, mobile number, and complaint query before prompting them to input sensitive banking information. It would also ask the victim to install a malicious application to steal incoming text messages from the infected device.

Example of malicious website. Image by Cyble

CRIL said "a group of financially motivated scammers" based in India was responsible for the scheme. While it was first observed in late 2020, it has only recently started targeting social media complaints to identify potential victims, researchers said.

"It is important for users to be aware of these scams and to be cautious when providing personal information or downloading files online," CRIL warned.

More from Cybernews:

WhatsApp to stop working on older iPhones and Androids

Twitter leaking 400m user data won’t affect user confidence

DPRK hackers steal NFTs using phishing websites

Crooks steal $8 million from Bitkeep wallets

New EU rules could see the return of "easily" replaceable phone batteries

Subscribe to our newsletter


Kishanu Karmakar
Kishanu Karmakar
prefix 1 month ago
At present, most scams are happening in this way. Every day lakhs of people are falling prey to this type of fraud. You have guided everyone through this article, but still, people in India are not much aware of it. Scammers know their fears, and scare them too! In such a situation, the common public is becoming a victim of this kind of fraud in the words of these scammers.

The solution is only one, if all this happens from a verified source, then the consumer will be aware of it, but if any company asks for a call, message, or OTP from any random number, then the government will also have to take strict action for that.

Announcing nothing will do, for this, a program has to be made, which can trace such calls, or conversations, or register automatic complaints.
Leave a Reply

Your email address will not be published. Required fields are marked