Chinese Hackers Target Flipkart, Amazon Sales For Shopping Scams

Cyber attacks in India have become a huge headache lately for businesses and to add to the woes, the latest findings by Cyberpeace Foundation revealed that Chinese hackers based in Guangdong and Henan provinces have targeted millions of Indians through shopping scams targeting Amazon India and Flipkart.

The scams were most prominent during festival season sales in the month of October and November. Hackers lured users by creating spurious links, thereby asking to click on them to participate in online contests and win prizes. This was done through WhatsApp messages and are supposedly sent to millions of Indians.

Using elements from the sales campaigns by Amazon India and Flipkart, the scammers tried to trick the users by coming up with, “Big Billion Days Spin the Lucky Wheel” and “Amazon Big Billion Day Sale” within a few days of Flipkart’s Big Billion Day sale, the report said.

The investigation conducted by Cyberpeace Foundation further revealed some shocking details as it showed that the domain links made for the scams were registered in China specifically in Guangdong and Henan province to an organisation called Fang Xiao Qing and were registered using Alibaba’s cloud computing platform. These links used for the scams are still operational and active.

The Chinese hackers created fake accounts with the help of fake images and comments to send scam links.

“Ecommerce scams are not new but what’s more alarming is the covert cyber warfare Chinese entities are launching in India on a repeated basis,” Vineet Kumar, founder and president, CyberPeace Foundation, said in a statement.

Kumar further warned that the collected information could be peddled and used to conduct more such cyber attacks in Tier II and Tier III cities where people’s knowledge about cybersecurity is very low.

There has been a rise in cyber attacks in the country, which in turn has affected the Indian IT and cyber infrastructure. To picture this, National Cyber Security Coordinator Lt Gen (Dr) Rajesh Pant had said that cyber crimes in India caused INR 1.25 Lakh Cr loss in 2019 and cyber threats will continue to increase as the country focuses on developing smart cities and rolling out 5G network, among other initiatives.

There are several instances of the data breach and cyberattacks in the past US-based cybersecurity firm Cyble reported a data breach on PM Modi’s website narendramodi.in, believed to have impacted 5 lakh users which shows the poor cybersecurity infrastructure in the country.

Recently, Haldiram’s witnessed a ransomware attack on its servers by unidentified hackers who have allegedly stolen crucial data and demanded a ransom of $7, 50,000.

Several Indian platforms in the past have seen data breaches. Earlier in May, it was reported that data of 4.75 crore Truecaller Indian users were found to be up for sale on the dark web.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.