KOCHI: Beware of online scammers as a web link claiming to give gifts on the 20th anniversary of LuLu Group is widely being circulated via WhatsApp which can potentially leak personal data from the mobile phones or laptops. Similar fake links claiming to be of Amazon, Flipkart and TATA were in circulation before. The law-enforcement agencies are yet to identify the persons who created such fake websites and circulated the link via social media platforms.
After coming to notice about the fake website and gift offer in circulation, LuLu Group issued a warning to the public recently. The group said only genuine offers would be posted on the company’s official social media platforms and websites.
“It’s unfortunate that such fraudsters keep coming up with new tricks. We have already informed the relevant authorities about this issue. We urge our loyal customers to not fall for such fake offers. Also, we wish to request our customers to never to share any personal details, bank account and card numbers on such fake websites or any other suspicious link,” LuLu Group India CEO Nishad M A said in a statement.
According to cyber security experts, clicking on the link or participating in surveys is dangerous as it can lead to the loss of personal data and financial fraud. “These dubious links are sent with various agendas.
Mostly, the fraudsters look for personal information data like contact numbers and email addresses on mobile phones and laptops. In some extreme cases, after clicking the link, credit card/debit card or other banking details are asked for getting the gift. The person clicking the link may not lose any money. But these data including credit card/debit card details are diverted to the dark web and put for sale. People buying these card details from the dark web can use this information for illegal purposes like carding as some international cards don’t require CVV details for purchases,” said Nandakishore Harikumar, founder and CEO of Kochi-based cyber security firm Technisanct.
Another purpose of such fake links is to collect IP addresses, device details and browser details. “These details are collected for illegal activities like clickjacking and browser hijacking. Awareness is the most important aspect to ward off such cyber attacks,” he said.
Jiyas Jamal, an expert in cyber law, said a fake link claiming to be of LuLu Group was in circulation some months back. “The fraudsters can install the malware on a mobile phone, laptop and computer through such links. Using the malware, whole data including passwords can be leaked. People should be cautious about clicking on such links,” he said.
Clickjacking and browser hijacking
Clickjacking is tricking a user into clicking on something different from what the user sees, thus potentially revealing confidential information or allowing others to take control of people’s mobile phones and laptops. Browser hijacking is a malware programme modifying web browser settings without user permission and injecting spam including advertisements.