According to the latest report, the phishing scams has costed millions of dollars, and also loss of PII data and banking details. Read on to know more…
As per the latest report, the Indian public has already coughed up around INR 40 to 80 million as a result of the phishing campaign, and this value is projected to rise dramatically in the future. In addition to financial loss, users also share Personally Identifiable Information (PII) and banking information, which can be used to orchestrate various social engineering campaigns, including identity theft by the cybercriminals.
About Various Phishing Campaign
“Unearthing the Million Dollar Scams Targeting the Indian Electric Vehicle Industry” was released today by CloudSEK, highlighting a large-scale phishing campaign targeting Electric Vehicle (EV) consumers and businesses.
The number of scams surged significantly after the cabinet approved the Production Linked Incentive (PLI) scheme for electric and hydrogen fuel cell vehicles in September 2021.
Scammers are reported using Google Ads to misdirect users to phishing sites that steal their data and money, according to CloudSEK’s in-depth investigation. With each site defrauding users of INR 200,000 to 400,000 in booking fees and down payments, the scam has cost the Indian public about INR 40 to 80 million so far.
Modus Operandi of Phishing Campaign
CloudSEK’s flagship digital risk monitoring platform XVigil has spotted an increase in phishing campaigns impersonating EV manufacturers and dealerships during the second half of 2021. The scammers propagate this ruse through the following ways
* Creating phoney domains that seem like legit domains of EV manufacturers and marketplace.
* Creating Google Advertisements for the fictitious domains and manipulating SEO such that these ads appear at the top of searches for both generic and for specific EV brands.
* Users who click on these adverts are directed to phishing domains, which imitate the content and images of legit websites.
* Cybercrooks are targeting people to become an EV dealer through phishing websites and this is used to collect users’ information and money under the pretence of reservation/ booking fees for a vehicle or a security deposit.
Concluding Words
These phishing websites result in a direct loss of business, reputation, and trust for electric vehicle firms. This could lead to a general fall in the adoption of e-mobility, an already unfamiliar technology among the people in India, if users’ first touch point in a phishing campaign is a phishing campaign.
These phishing scams can be mitigated by EV companies undertaking awareness campaigns to educate users/customers about the current scams. They can also report to the Cyber Crime Cell about the online phishing scams. Additionally, firms in the EV industry can use various cybersecurity tools and solutions that enables real-time monitoring of phishing domains to identify and suspend phishing websites that are faking their brand.