Beware of fake India Post messages: How they steal your data and how to protect yourself
PTC News Desk: A fraudulent mail purporting to be from "India Post" has been reaching a lot of people. If you click on the link, it could take your personal data.
According to the Press Information Bureau (PIB), the user may receive the following SMS: "Your package has arrived at the warehouse. We attempted delivery twice, but were unable to do so due to incomplete address information." If you do not update your address within 48 hours, the package will be sent back. Click the link [indisposegvs.top/IN] to alter the address. The package will be re-delivered within 24 hours of the upgrade being finished.
By clicking the link, a hacker can gain access to a user's computer and install harmful software, granting them access to private information that could be exploited.
Users have been cautioned by PIB that such links and mails requesting updated addresses for article delivery are never sent by India Post.
HOW DOES THE SCAM WORK?
A webpage that resembles the official India Post website loads after a person clicks on the provided link and submits their information. The user is prompted to alter their address by the website, which also displays a random tracking ID and a message of a delivery failure.
The link will not open on a desktop computer; it is only functional on mobile devices. By making sure the message functions on both devices, consumers can confirm its authenticity.
WHAT IS SMISHING?
'Smishing' is the term for the technique used by hackers in the India Post scam. It entails sending false SMS messages to subscribers in an attempt to coerce them into clicking on dangerous links or disclosing personal information.
Re-security, a cybersecurity company, has now discovered that the Smishing Triad, an organisation renowned for its sophisticated cyber fraud operations in the US, UK, UAE, and India, is responsible for some of these efforts.
The strategy entails registering fictitious domain names that imitate reputable companies, such as India Post. They trick consumers into divulging critical information under the false pretense of changing delivery details by constructing believable but fraudulent websites. There are a number of nefarious uses for this information, such as identity theft and financial crime.
Resecurity claims that the Smishing Triad has increased the volume of its operations in India and has registered several phony domains, including indiapostyt[.]vip and inddiapost[.]top. These domains, which have been detected by Cloudflare and Tencent among other hosting platforms, are meant to trick people who are looking for authentic postal services.
One of the methods involves sending out phony iMessages with smishing URLs by using iCloud accounts that have been hijacked and registered on purpose.
The threat actors registered domain names in June 2024 but kept them dormant until the campaign's July start, according to Resecurity's investigation. The group's plan entails targeting mobile device users especially through the use of User-Agent checks and geography filters.
Also Read: Jefferies predicts Reliance Jio IPO in 2025 with a $112 billion valuation
HOW TO AVOID SUCH CYBER ATTACKS
Steer clear of dubious connections, confirm the legitimacy of communications, and report suspected fraud to law enforcement and cybersecurity organisations right away.
Take these actions:
• Avoid clicking on links that request personal information;
• Check the message for grammatical and linguistic problems, as they are reliable signs that a communication is false;
• Consider whether you are truly anticipating a shipment before providing the needed information—scammers prey on people who are agitated or in a rush;
• Verify the URL given in a message by comparing it to the source website;
• If you fall victim to one of these scams, stop using your device right once, notify your bank, and file a police report.
• Call 1930 right away to file a report if you fall victim to this type of online financial fraud.
- With inputs from agencies
