Guwahati, June 12 (NKTV): Cyber-security researchers in India recently informed that a malicious free gift campaign pretending to be an offer from Tata Motors that is collecting users’ data has been traced back to hackers in China.
New Delhi-based CyberPeace Foundation received some links via WhatsApp, related to a free gift offer from Tata Motors, collecting browser and system information as well as the cookie data from the users.
“The campaign is hosted on the third-party domain instead of the official website of Tata Motors which makes it more suspicious” the research team said.
If users open the link from a device where WhatsApp application is installed, the sharing features on the site will open the WhatsApp application on the device to share the link.
Title of the fake website is “Tata Motors Cars, Celebrates sales exceeding 30 million.”
On the landing page, a congratulations message appears with an attractive photo of a Tata Safari car and asks users to participate in a quick survey to get a free TATA Safari vehicle. After Clicking the OK button, users are given three attempts to win the prize. After completing all the attempts, it says that the user has won “TATA SAFARI”.
“Congratulations! You did it! You won the TATA SAFARI!” Clicking on the ‘OK’ button, it then instructs users to share the campaign on WhatsApp.
The user then has to click the WhatsApp button in order to complete the progress bar. After clicking on the green ‘Complete registration’ button, it redirects the user to multiple advertisements webpages, and it varies each time the user clicks on the button.
According to the researchers, cybercriminals used Cloudflare technologies to mask the real IP addresses of the front-end domain names used in the free gifts from Tata Motors campaign.
“But during the phases of investigation, we have identified a domain name that was requested in the background and has been traced as belonging to China,” the researchers revealed.