Navratri festival is major festival in India. Fraudsters know that people are less attentive during festivals as busy in pooja, Garba, Dandiya, darshan etc . However, while people prepare for celebration of this festival, scammers and fraudsters misuses their emotions.
What Is the “Navratri festival scams”?
During festive sales in India, numerous major brands like Amazon, Flipkart, Samsung, and Apple are participating, which unfortunately has also led to a rise in online scams. Scammers have a new trick up their sleeves, and every time they go for a new way of duping people. Common types include phishing scams, OTP-related scams, fake social media ads, look alike ecommerce stores, and telecom scams.
Types of online scams that pick in pace in festive sales
Phishing Scams:
These are the most common type of scams where the scammers send a malicious email, WhatsApp message, or an SMS to the victim pretending to be from a legit ecommerce platform.
For example –
Scams on Navratri dresses:
Financial Scams:
1] Banking reward apps:
Cybercriminals are employing sophisticated social engineering tactics to trick users into downloading malicious APK files. These scams often create a false sense of urgency with messages like “Available only for today” or “Last day!”. They offer enticing rewards such as “Sign up now to enjoy free gift worth $$$”. The impact of these scams can be severe, including monetary loss, theft of personal data, phishing of bank credentials, and unauthorized transactions. Attackers may gain control over the victim’s device, potentially leading to further exploitation.
2] Fake domains impersonating legitimate shopping websites:
These scams involve the creation of fake domains impersonating legitimate shopping websites, such as “shoop.xyz” mimicking “shop.com” Cybercriminals distribute malicious links disguised as special festival gifts via WhatsApp, SMS, and email, often using short URLs to hide the original malicious links. Victims who click on these links are presented with forms requesting personal details and access to contacts, messages and call records.
3] OTP related scams
In this scam, the scammers pretend to be customer support of delivery agents and call people to tell them that there is an issue with the delivery. What follows is a web of stories to trap the customers and then finally ask for an OTP to validate payment. Now, by chance, if the victim shares the OTP, these scammers can use it to login to the former’s account and steal data and even monetary assets.
4] Social Media ‘Fake’ Ads:
Most of you would have seen the social media ads showing a very expensive product like an iPhone for peanut price. Now, those who are aware will not click, but most of the people will think that let’s click and we’ll close the site if it’s fake. And if you by any chance make a purchase on these sites, your financial details will be compromised and you can lose more money than the transaction you just made as well.
For example –
Like previous iPhone phishing scam contains iPhone as Navratri gift with a link to grab the deal. And the moment you click on the link, your system will be compromised.
India Post had also issued a warning about the iPhone 15 scam. The postal department also revealed that its logo had been used to send malicious messages to people.
Impact:
- Financial impacts –
Victims can lose substantial sums of money due to the fraud, including savings, investments, and even money borrowed from family and friends.
- Blackmail and extortion –
Scammers can use stolen information or photos to blackmail victim and demand money
- Legal issues:
Victims may face legal consequences, such as being charged with crimes if they were unknowingly involved in immigration fraud.
How to identify an online scam?
Here are some points that you can look out for to identify a scam:
- Callers asking for OTP to validate payment or anything.
- Unbelievable offers clubbed with suspicious links.
- Popular ecommerce store lookalikes with a minutely altered URL.
- Third party discount coupons that promise extraordinary price cuts.
How to stay safe from online scams?
- Verify the Source:
Double-check email domains, SMS sender IDs, and caller IDs. When in doubt, find your bank’s official contact details on their website and call them directly.
- Never Click Links:
Instead of clicking on a link in a message, manually type the bank’s official website URL into your browser.
- Don’t Share Information:
No financial institution will ever ask for your sensitive banking details, OTPs, or PINs via all, message, or email.
- Enable Security Features:
Activate two-factor authentication (2FA) and set up SMS/email alerts for all transactions to stay informed of any suspicious activity.
- Use Official Apps and Software:
Download mobile banking apps only from verified app stores and keep your antivirus software updated.
What to Do If You’re Targeted:
- Contact Your Bank:
Call your bank’s official fraud desk immediately to report the incident and secure your account.
- Report to Authorities:
Register a complaint by calling the National Cyber Crime Helpline at 1930 or visiting the official cybercrime portal.
