Millions of Indians are believed to have been targeted during recent festive season sales by online shopping scams orchestrated by suspected Chinese hackers based in Guangdong and Henan provinces, according to CyberPeace Foundation, a cybersecurity think tank.
The hackers created spurious links and asked users to click on them to participate in online contests with prizes. These links were spread through WhatsApp messages and are believed to have been sent to millions of Indians.
Some of these scam contests borrowed elements from actual sales campaigns used by Amazon India and Flipkart to trick users.
For instance, “Big Billion Days Spin the Lucky Wheel” and “Amazon Big Billion Day Sale” surfaced within days of Flipkart announcing its Big Billion Day Sale.
During its investigation, CyberPeace Foundation found that the domain links created for the scams were registered in Guangdong and Henan provinces to an organization called Fang Xiao Qing.
These domains were registered using Alibaba’s cloud computing platform. The links used for the scams are still active.
To send the scam links and make their accounts look legitimate, hackers created fake accounts using fake images and comments.
“E-commerce scams are not new, but what’s more alarming is the covert cyber warfare that Chinese entities are launching in India on a repeated basis,” said Vineet Kumar, founder and president, CyberPeace Foundation.
Kumar warned that the information collected through these scams can be used to undertake more such cyberattacks, especially ones targeted at internet users in tier-2 and tier-3 cities, where awareness about such scams is low.
India has been frequently targeted by Chinese and North Korean hackers.
Following the violent border standoff with Chinese troops in Ladakh in May-June, the cyberattacks have only multiplied.
In June, cyber intelligence firm Cyfirma warned several government agencies, media houses, pharmaceutical companies, telecom operators and a large tyre company of a possible cyberattack by Gothic Panda and Stone Panda, two well-known hacking groups directly connected to the Chinese People’s Liberation Army.