Don’t ‘Spin The Wheel’: Chinese Hackers Attack Indian Shoppers Using Amazon and Flipkart’s Name

New Delhi: After the Indian government banned dubious Chinese applications for allegedly stealing user data, Chinese hackers are looking for new ways to steal your sensitive information.

Cybersecurity experts and researchers have found that China-based hacking groups are using one of the most common scams – ”Spin the Wheel” and circulating the malicious link of the game on WhatsApp and other social networking platforms. Spin the Wheel is fake contests that promise gift vouchers from famous brands. Hackers across the border are spreading the malicious links of the game in the garb for festive sale by big online shopping websites like Amazon and Flipkart.

According to a report by Cyber Peace Foundation, Chinese hackers send malicious links to online shoppers. They organized fake contests with names sounding similar to shopping festivals like ‘Big Billion Days Spin the Lucky Wheel’ and ‘Amazon Big Billion Day Sale’. A report confirmed that these links are still active and operational.  

“People who were duped into believing that they had won an Oppo smartphone as a prize were asked to share the link via WhatsApp to their friends and family”, a report by New Delhi based Cyber Peace Foundation said.

Experts said that all domain links are registered in China, specifically in the Guangdong and Henan provinces, under the name of an organization called Fang Xiao Qing. The hackers have registered these domains on Alibaba’s cloud computing platform. And Hackers hosted these links across Belgium and the United States.

The URL that is used for the contests redirected users to multiple random sites, which are fake. Once a user opens these links, malicious code gets entered in their devices. It steals data from the victim’s phone in the background, and because of this, they lose his money from wallets and bank accounts. These scams usually begin with a popped up message which says that the user has won a prize.

Not only this, to gain trust and increase the reach of victims, these hackers also promote such fake contests on social media. Hackers tend to use fake comments and fake images on social media platforms to make the contests sound legitimate. 
According to the information gathered from these scams, cyber attackers especially target people living in tier-2 and tier-3 cities because of the low awareness about such scams.