Wednesday, July 9, 2025
spot_img

Surge in malicious campaigns exploiting “Diwali” and “Pooja” domains for scams

Date:

Share post:

spot_imgspot_img

Shillong, November 9: Cybersecurity experts at CloudSEK have identified a significant rise in malicious campaigns targeting users during the festive season, employing deceptive “Diwali” and “Pooja” domains, particularly aimed at e-commerce platforms.

As per IANS, the researchers observed phishing campaigns impacting recharge and e-commerce sectors with the intent to harm the reputation of well-known brands. In their investigation, they unearthed 828 unique domains within the Facebook Ads Library being utilized for phishing endeavors.

Rishika Desai, lead cyber intelligence at CloudSEK, emphasized the alarming increase in hosting fake domains for online shopping scams this year. These scams pose a risk of evolving into financial frauds, as hackers can masquerade as customer representatives, exploiting the vulnerability of unsuspecting victims.

The report highlights the utilization of typosquatting techniques to create domains that appear legitimate, exemplified by instances like “shop.com” being mimicked as “shoop.xyz” with identical features and content. Notably, domains incorporating the keywords “Diwali” and “Pooja” were identified, hosted on a Hong Kong-based ASN by Megalayer Technologies, redirecting users to various Chinese betting pages.

This particular domain, created approximately a month ago, redirects to multiple gambling sites, including Bet 365 and MGM, according to the report. Desai noted cybercriminals’ exploitation of increased internet traffic during Diwali, targeting users with malicious websites mimicking authentic gambling platforms.

The report also exposed misleading activities on Facebook and other social media channels, where malicious users entice genuine users to register on unreliable cryptocurrency websites. An example cited is Bot Bro, enticing consumers to dubious crypto platforms by offering free life insurance up to one crore and five TLC coins.

Furthermore, the report revealed a case involving an e-commerce website selling jewelry, registered on October 3, urging users to download an application embedded with an Android Trojan.

spot_imgspot_img

Related articles

Many of you can become astronauts, walk on Moon: Shubhanshu tells students at NESAC

NEW DELHI, July 8: “Many of you can become future astronauts, even walk on the Moon,” Shubhanshu Shukla...

Keep all 18 Khasi villages in Meghalaya: Heads of Raid Nongtung urge Conrad

SHILLONG, July 8: The traditional village heads along the Assam-Meghalaya border in Ri-Bhoi, under the banner of the...

Drug addiction fuels rise in petty crimes in city, says police

SHILLONG, July 8: There is a rise in petty crimes such as thefts and burglaries in the city,...

MHRC seeks report on alleged torture of youth at Sohra PS

SHILLONG, July 8: The Meghalaya Human Rights Commission (MHRC) has directed the Superintendent of Police of East Khasi...