It has recently come to light that China-based hackers are running a malicious free gift campaign to collect personal user data. Cybersecurity researchers have revealed that the campaign is pretending to be an offer from Tata Motors, the biggest automobile manufacturing company in India, reports IANS.
“The campaign is pretended to be an offer from Tata Motors but hosted on the third-party domain instead of the official website of Tata Motors which makes it more suspicious,” said the research team at New Delhi-based CyberPeace Foundation.
SEE ALSO: Health Ministry, Security Researchers Deny Reports Of CoWin Data Breach; MeitY To Investigate
This malicious campaign being operated on a fake website is titled “Tata Motors Cars, Celebrates sales exceeding 30 million” and has been uncovered by the research wing of CyberPeace Foundation. The research team received some links via WhatsApp, related to a free gift offer from Tata Motors.
The report states that these malicious links collect confidential data about users including their browser and system information as well as the cookie data. Moreover, the prizes of the malware-ridden campaign have been kept attractive to trick people.
The landing page on the website displays a congratulations message with a photo of a Tata Safari car. Users are asked to participate in a quick survey to get a free TATA Safari vehicle. A Facebook comment section is also present at the bottom of the landing page where users have commented about how they benefited from the offer. Once the user decides to participate in the survey, he/she is given three attempts to win the prize.
SEE ALSO: Oh No! This WhatsApp Scam Is Back But New WhatsApp Feature On The Way Can Help!
The report further states that after completing all the attempts, a message appears stating “Congratulations! You did it! You won the TATA SAFARI!” Users are then instructed to share the campaign with their friends on WhatsApp.
Also, no, the user doesn’t actually end up winning the car, the page simply keeps redirecting the user to multiple advertisements webpages. It should be noted that the campaign is completely fake and users should be careful when clicking on links that they are not aware of or that seem shady.