close_game
close_game

Copycat websites surge 300%; India a hunting ground: Report

ByBinayak Dasgupta, New Delhi
Jul 13, 2023 02:08 AM IST

According to the Digital Risks Trend 2023 report, there was a 304% year-on-year increase in the number of scam websites that impersonated legitimate businesses.

There has been a surge in fake websites to fool internet users into making payments, according to a new report on cyber fraud by a cybersecurity company, which also found Indians were most commonly targeted by fake surveys promising quick money or fraud sites with dealership franchise opportunities.

Scam pages pretending to be financial services, such as for banks, were the most prevalent, at 74% of all such fraud websites.(Getty Images/ Representational photo) PREMIUM
Scam pages pretending to be financial services, such as for banks, were the most prevalent, at 74% of all such fraud websites.(Getty Images/ Representational photo)

Read here: Archive of Our Own, the most popular fanfiction website, is reportedly under a DDoS attack by Russians

Globally, according to the Digital Risks Trend 2023 report by Group-IB released on Wednesday, there was a 304% year-on-year increase (2022 compared to 2021) in the number of scam websites that impersonated legitimate businesses and brands, and websites used for launching phishing attacks rose by 62%.

Scam pages pretending to be financial services, such as for banks, were the most prevalent, at 74% of all such fraud websites.

“Of the schemes described in the report, fake brand impersonating surveys are widespread in India and are most damaging to online users. Overall, within the scheme, we detected fake websites impersonating 86 brands in India,” said Afiq Sasman, head of digital risk protection analytics in Asia Pacific, Group-IB, in an email to HT.

This sort of cybercrime differs from phishing campaigns – the latter are targeted mostly to harvest credentials, while these frauds are specific to making financial gains. A website successfully in pretending to be a legitimate business or service is more likely to make unsuspecting users make a payment.

On fake Indian dealership websites that the company found, Sasman said these deployed a higher level of sophistication than those which merely pretend to be, say, a shopping website. “The scams are not merely asking users to fill up a form and then contacting the victims afterwards. These scams are very convincing and can even provide documents such as an invoice with the company letterhead and stamp to prove its authenticity,” Sasman said.

An example of such campaigns came to light in June 2022, when Hindustan Petroleum issued a warning on its website saying it had been alerted of several scams in which its logos and brand was being used by people promising retail dealerships and jobs. It gave a list of email addresses and websites from which such scams were launched, including URLs such as hindustanpetroleum.online, hindustanpetroleumcorp.com and hpcldelership.com. The official website of the fuel company is hindustanpetroleum.com.

A month later, a Pune businessman filed a police complaint saying he had lost 42 lakh to such a fraud.

Read here: Probe against dubious website: ED seizes 1.3 crore, freezes 15.8 Lakh

The findings highlight the various dimensions to cyber fraud in India, where a burgeoning underground industry run from some satellite National Capital Region towns has claimed an increasing number of victims who lose anywhere between tens of thousands of to lakhs of rupees.

Group-IB’s findings, which focussed on the online aspect of such frauds, found that scammers were increasingly leveraging social media to target victim, with 76% of all such attempts in Asia Pacific region using this method in campaigns recorded last year. The other included direct emails and malware.

The rise in such scam websites, per brand, more than doubled at 162% in 2022 compared to 2021, and for phishing websites, the number was more than 300%. A breakdown of India-specific numbers between the two periods was not available.

The company said its analysis indicated that growing use of social media was a consistent factor in the increase of such frauds, but also added that growing automation and “scam-as-a-service” schemes too were making it easy for such fraud to proliferate.

“Scammers are using a vast amount of domains and social media accounts to not only reach a greater number of potential victims, but also evade counteraction. Scams are also becoming more automated, lowering the barrier of entry for cybercriminals. We expect to see AI also play a greater role in scams in the future,” Sasman added.

Read here: Three held for running site to provide ‘original-like’ fake ID cards

Internet users should be aware of such scam tactics and schemes, the expert said. “Any investment opportunities, quizzes, or posts promising quick and easy money should raise suspicion. Users are advised to never share personal information with third parties unless they are certain of their legitimacy. While visiting links relating to offers by companies shared in messaging apps or on social media, check the domain names. Scammers usually use domain names that look similar to existing brand names as part of their efforts to trick users into entering sensitive data,” Sasman explained, on steps people can take to protect themselves.

Get Current Updates on...
See more
Get Current Updates on India News, Weather Today along with Latest News and Top Headlines from India.

Continue reading with HT Premium Subscription

Daily E Paper I Premium Articles I Brunch E Magazine I Daily Infographics
freemium
SHARE THIS ARTICLE ON
Share this article
SHARE
Story Saved
Live Score
OPEN APP
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Friday, October 11, 2024
Start 14 Days Free Trial Subscribe Now
Follow Us On