Achive.php Security Guidance Archives - The Cyber Shark
Contributor

Security Guidance

OLX Fraud: The Hidden Threat in Online Bargains

OLX Fraud

OLX Fraud: OLX is one of the most popular websites to buy and sell used items. It is now the world’s most popular digital marketplace, with over 300 million users every month. However, fraud and scam incidents have increased along with its popularity. Cybercriminals deceive individuals into paying money by using fictitious postings and identities. The specifics of OLX scams are examined in this article, along with self-defence tips. OLX fraud: what is it? The term “OLX Fraud” describes a range of untrustworthy activities that happen on the OLX platform and related online classified sites, such as Click India and Quikr. The sale of fictitious goods like cars, bikes, furniture, and home electronics is the most prevalent scam.  This is how it usually goes: A scammer publishes a phoney advertisement offering a product at an oddly cheap cost. The advertisement makes use of photographs and descriptions that have been taken from real listings. The scammer explains the necessity to mail the items by claiming to be based in a foreign state or be a member of the army when a buyer contacts them. To start shipping, the con artist then asks for an upfront payment. The fraudster vanishes as soon as the money is transferred through internet banking or UPI. Due to the allure of a fantastic deal, many customers fall victim to these well-planned scams despite OLX’s cautions and notifications. Who Is Responsible for OLX Frauds? OLX frauds are usually committed by people or organisations using fictitious identities. They frequently: To gain trust, pretend to be army men. To seem legitimate, use stolen photos and phoney identification. Function beyond national or even global boundaries. To evade detection, these scammers frequently change their bank accounts and phone numbers. They occasionally participate in broader criminal networks that engage in a variety of cybercrimes. On the other hand, victims might be anyone from tech-savvy children to senior citizens, with an increasing number of incidents involving older people who are less knowledgeable about digital safety procedures. When Do Frauds on OLX Happen?  Although OLX frauds can occur at any time, they frequently increase during specific times: Holiday seasons, when bargains are sought after. Sales periods are at the end of the month or year. Lockdowns and pandemics, when it is less likely that physical verification will occur. Usually, the deception happens during a brief period of interaction. Scammers frequently create a sense of urgency by demanding cash and action right once. Where Do OLX Frauds Take Place? These frauds are not limited by geography. However, there is evidence that online shopping is more prevalent in urban areas. Major cities like Bengaluru, Mumbai, Delhi, Hyderabad, and Chennai are the places where cases are most commonly recorded. Internet classifieds sites like: Websites like Olx.com, Quikr.com, and Click India are commonly used by scammers, and fraud-related behaviour can migrate to social networking sites that advertise similar goods. What Leads to Fraud on OLX?  The primary reasons why OLX frauds occur so frequently are as follows: Lack of Awareness: Many consumers are unaware of how these scams operate. Simplicity of Anonymity: Scammers can easily build fake profiles. The Allure of a Bargain: Low prices inspire consumers to take quick action. Lack of Regulations: Online classified ads are not heavily regulated. Delayed Legal Action: It may be challenging to find and capture internet offenders. As cybercrimes get more sophisticated, users need to be better equipped with knowledge and defence tools. How Can OLX Fraud Be Spotted and Avoided? The following are a few warning signs and precautions: Warning Signs: Exceptionally affordable prices. The need to make an upfront payment. The seller states that they are stationed abroad or in the military. Asks for payment by QR codes, internet banking, or UPI. Refusal to allow product inspection or to meet in person.  Advice for Prevention: Always demand that the item be inspected before payment is made. Never divulge private banking information. Steer clear of transactions that call for scanning QR codes. Instead of using third-party messengers, use the OLX chat feature. Check for reviews and validate the seller’s profile. Where and How Can I Report Cyber Fraud?  Take these actions if you or someone you know has fallen victim to OLX fraud: Keep records on everything: Take screenshots of the product listing, the payment information, and the chat. Report to Cybercrime Authorities: To submit an online report, go to https://cybercrime.gov.in. For prompt assistance, dial the cybercrime helpline at 1930. Go to the police station or cybercrime cell that is closest to you. Use ISAC and T4C Assistance: Account freezing assistance is available from the Telangana Cyber Crimes Coordination Centre (T4C). To obtain immediate assistance, utilise the ISAC Cop Connect App. Real Case Example A Bengaluru man lost more than Rs. 2 lakh in an OLX QR code fraud in September 2024. The scammer pretended to be a buyer and deceived the victim into scanning a QR code to obtain money instead of sending it. Rather, money was taken out of the victim’s account. This example is a clear warning that cunning tactics can fool even tech-savvy people. About OLX: Company Overview Full Name:                Online exchange Founded:                  2006 Headquarters:          Amsterdam, Netherlands Founders:                 Alec Oxenford and Fabrice Grinda Parent Company:     Prosus (a division of Naspers) CEO (India):             Amit Kumar OLX India CIN:         U74900HR2009PTC053732 Employees:              2,500 globally Revenue:                  $2.98 billion (2022) Presence:                 Over 30 countries The Reaction of OLX to Fraud  OLX has put in place several security procedures, including: Verification of buyers and sellers. Safe chat capabilities. Reminders and cautions against paying in advance. Instruments for reporting questionable postings.  The best defence is still user vigilance despite them. If a deal seems too good

Fake News Alert: Operation Sindoor – Your Responsibility, Our Nation’s Safety

Operation Sindoor

India has conducted a strong military operation, “Operation Sindoor,” targeting terrorist bases in Pakistan. As soon as this news broke, social media platforms were flooded with real, fake posts, and others purely for attention. In times like these, the biggest support you can give your country is by sharing only verified and responsible information. What You Should NOT Do Don’t Share Fake or Unverified News: Many pages and channels post edited, misleading, or completely fake news for views and likes. Sharing such content without verification can endanger national security. Never Share Army Movements or Sensitive Videos:  Posting or forwarding pictures/videos of our Armed Forces’ real-time movements or locations is a serious breach of security. Your post might unintentionally aid the enemy. Don’t Spread Rumours, Memes, or Jokes About Attacks: Making fun or spreading baseless gossip during such tense times is not only insensitive, but it also contributes to disinformation. What You SHOULD Do Follow Only Official Sources:  Trust information from official government handles (PIB, Ministry of Defence), verified news channels, and authorised press releases. Think Before You Share: If a post lacks source credibility or seems emotionally manipulative, don’t forward it. Report Fake News: If you come across misleading or provocative content, report it on the platform. While our soldiers are fighting on the front lines, we must become digital soldiers by standing for truth and acting wisely. Make your posts strengthen the nation, not weaken it. Civil Defence Drill to Boost Emergency Readiness: Do not post any objectionable post or make any wrong comments on social media regarding the mock drill. Do not spread any misleading false rumours on social media. A civil defence mock drill will be conducted across the country on May 7 to enhance emergency preparedness after the Pahalgam terror attack. The drill will test air raid warning systems, shelter preparedness and evacuation procedures. Civil defence volunteers, including NCC cadets, home guards and students, will participate in the simulation to remain prepared for hostile situations. The drill aims to strengthen civil defence preparedness and train volunteers in first aid, evacuation and emergency protocols.  Verify before you post. Think before you share.

Pahalgam Attack: The Urgent Need to Stop Spreading Fake and Harmful News on Social Media

Pahalgam Attack

The recent terror attack in Pahalgam, Jammu & Kashmir, has left the nation shocked and grieving. With 26 innocent lives lost and several others injured, the tragedy has once again exposed not only the dark realities of terrorism but also the dangerous role of misinformation in the digital age. While the authorities work tirelessly to investigate and maintain national security, a parallel crisis is unfolding online — the viral spread of fake news, communal hate, and unverified claims. This blog is a call to action: stop spreading negative, harmful, and unverified content online. Let’s understand how this digital behaviour fuels chaos, why we must act responsibly, and what steps are being taken by the Indian government to protect the nation in cyberspace. What Happened in Pahalgam? On April 22, 2025, a group of armed terrorists launched a brutal attack at a resort in Pahalgam, targeting innocent tourists. The terrorist group known as Kashmir Resistance, affiliated with the Resistance Front (TRF), claimed responsibility for the assault. Eyewitness accounts and preliminary investigations suggest that the attack was premeditated, highly organised, and intended to create maximum fear and disruption. While security forces have launched counter-operations and investigations, the digital response on social media has revealed another vulnerability: the mass circulation of misinformation. Social Media: A Double-Edged Sword Social media has immense power—it can inform, unite, and mobilise. But in the wrong hands, or with careless usage, it becomes a weapon of division and fear. Following the Pahalgam attack, we observed: Circulation of religiously biased narratives falsely suggesting targeted killings Sharing of gruesome images and videos without verification or consent Leaking of sensitive government or military movements Viral WhatsApp forwards and posts filled with baseless speculations and communal slurs Most of these were either completely unverified or deliberately misleading, and each share only made the situation worse. Why Sharing Unverified News Is Dangerous Here’s what happens when false information spreads unchecked: It fuels panic and fear: Citizens react emotionally, often irrationally, causing public unrest or fear-based decisions. It gives terrorists an advantage: When citizens unknowingly leak troop movement or response strategies, it arms terrorists with intelligence. It deepens communal divides: Terrorist attacks are strategic—if we respond with communal hatred, we’re playing into their hands. It obstructs official investigations: Authorities spend precious time countering rumours rather than focusing on security and justice. Think Before You Share: A Responsible Digital Code Before hitting “share” on any post related to national tragedies or security events, ask yourself: Is this content from a verified and trusted news source? Could this post trigger hatred or cause panic? Does this reveal sensitive or strategic information? Am I helping or hurting the situation by sharing this? If your answer is unsure about any of the above, don’t share. It’s that simple. What the Indian Government Is Doing to Combat Misinformation and Terror India has taken several cyber and tech initiatives to safeguard the country not just physically, but also digitally. Here are some major efforts: Indian Cyber Crime Coordination Centre (I4C): A pan-India infrastructure for dealing with cybercrime cases efficiently. It helps states and union territories in tracking and solving cases. National Cyber Coordination Centre (NCCC): Operates under the Ministry of Home Affairs to monitor internet traffic, detect cyber threats, and gather digital intelligence. CERT-In (Indian Computer Emergency Response Team): Acts as the first responder to any major cyber incident. It also runs Cyber Swachhta Kendra, which promotes safe internet habits among users. Public Awareness Campaigns: The government regularly collaborates with social media platforms to flag fake news, remove hate content, and promote verified information during crises. The Role of Technology: How Can Indian Tech Help? Here’s how Indian innovation and startups can contribute to a safer digital ecosystem: AI-powered Fact-checking Tools: Real-time detection of fake news and deepfakes Secure Messaging Platforms: End-to-end encrypted tools with flagging for harmful content Geo-fencing Alerts: Preventing the sharing of location-based military or sensitive operations Public Reporting Portals: Apps where citizens can report misleading posts or hate content instantly India’s tech sector is growing rapidly—now is the time to build ethical, responsible digital tools for our national safety. The Role of Citizens: You Are the First Line of Digital Defence You don’t need to be a cybersecurity expert to help the nation. You just need to be aware. Here’s how: Share information responsiblyCall out hate or false claims in your networkEducate others about fact-checkingSupport initiatives like Digital India, Cyber Swachhta Abhiyan, and media literacy programsReport suspicious posts to platforms and authorities National tragedies like the Pahalgam attack are heartbreaking—but they’re also moments of reckoning. They remind us of the values we must protect: unity, humanity, and truth. In the digital world, each one of us is a media outlet—and with that comes great responsibility. Let us pledge today to use the internet wisely. Let’s stop the chain of unverified, negative, and harmful news. Let’s amplify real stories, verified facts, and messages of unity. [Terrorism seeks to break us, confuse us, and divide us. By spreading fake news, we help them. By standing together with the truth, we defeat them.] [At The Cyber Share, we’re committed to promoting digital awareness, cyber hygiene, and responsible tech use. Join us in building a smarter, safer, and united digital India.]

SIM Swap Scams: A Growing Danger to Your Online Security

SIM Swap Scams

SIM Swap Scams are rising threats that enable cybercriminals to hijack phone numbers and access sensitive accounts. Protecting yourself with app-based 2FA, mobile account PINs, and cautious information sharing is crucial to staying secure. In today’s increasingly digital world, smartphones are more than communication tools; they are gateways to our personal data, finances, and online identities. Unfortunately, this makes them prime targets for cybercriminals. One of the most alarming types of fraud on the rise is SIM Swap Scams, also known as SIM hijacking. This scam can lead to severe consequences including financial loss, identity theft, and complete account takeovers. What is SIM Swap Fraud? SIM Swap Scams occur when a scammer successfully transfers your mobile number from your legitimate SIM card to the one they control. Once they gain control of your number, they can intercept calls and text messages, especially one-time passcodes (OTPs) used for two-factor authentication (2FA). This gives them unauthorised access to sensitive accounts, such as your bank, email, and social media. In 2021 alone, SIM Swap Scams accounted for an estimated $68 million in losses. In 2022, more than 1,600 complaints were reported in the U.S., indicating a global surge in such attacks as digital reliance increases. How SIM Swap Scams Work To execute a SIM swap, fraudsters gather personal information about their target through various means: Social Engineering: Scammers impersonate mobile carrier representatives and trick victims into revealing sensitive information. Phishing: Fraudsters send fake messages or emails appearing to be from legitimate organizations to extract personal details. Data Breaches: Hackers exploit leaked data from company breaches, using stolen names, addresses, and phone numbers to impersonate victims. Once they have the necessary details, scammers contact the victim’s mobile carrier pretending to be the victim. They claim they lost their phone and request a SIM replacement. Upon successful execution, the phone number is ported to the scammer’s SIM card, giving them full access to incoming calls and SMS-based OTPs. Risks of SIM Swap Fraud The implications of SIM swapping are far-reaching: Bank Account Takeovers: Scammers can intercept OTPs used for bank logins and drain your account. Social Media Hijacking: Fraudsters may take over social accounts to extort money or spread malicious content. Identity Theft: With access to your data, scammers can impersonate you, open new accounts, or conduct fraudulent activities in your name. Between 2018 and 2020, SIM Swap Scams caused a reported $12 million in losses, as per FBI data. With widespread reliance on SMS-based 2FA, the threat has never been more severe. How to Protect Yourself from SIM Swap Fraud Use Stronger 2FA Methods Avoid SMS-based 2FA when possible. Instead, opt for app-based authenticators like Google Authenticator or Authy, which are not tied to your phone number. Set a PIN or Password with Your Carrier Many mobile providers offer the option to add an extra layer of security in the form of a PIN or password. This makes it more difficult for scammers to impersonate you. Monitor Your Accounts Stay vigilant and regularly check your bank, email, and social media accounts for suspicious activities. Report any unusual behaviour to your service provider immediately. Be Cautious with Personal Information Limit what you share on social media, especially personal identifiers like your full name, date of birth, and address, which can be used by scammers to validate a SIM swap. Act Fast If You Suspect Fraud If you suddenly lose cell service or suspect your number has been compromised, contact your mobile provider immediately to lock your account and prevent further damage. Is eSIM Technology the Answer? An emerging technology that could reduce the risk of SIM swap fraud is the eSIM. Embedded directly into devices, eSIMs do not require physical cards, making it more challenging for fraudsters to swap or replace them. Benefits of eSIMs include: Enhanced Security: Harder to manipulate than physical SIMs. Convenience: Easily switch carriers without changing SIM cards. Space Efficiency: More compact design for slimmer devices. Although not yet universally adopted, eSIMs represent a promising step toward more secure mobile connectivity. SIM Swapping vs. Porting Attacks SIM swapping and porting attacks are often confused but operate differently: SIM Swapping: Involves fraudulently transferring a number to a new SIM card. Porting Attack: Transfers the number to a new carrier without switching the physical SIM. Both techniques allow scammers to hijack your accounts by intercepting 2FA codes. How SIM Swaps Lead to Account Takeovers Once in control of your number, scammers can: Reset passwords for key accounts using intercepted OTPs. Gain access to emails, social media, and banking apps. Use compromised access to commit further identity theft and fraud. This chain of events can devastate victims financially and emotionally, making prevention crucial. How Businesses Can Protect Customers Organizations, especially in tech and finance, must take steps to prevent account takeovers: Implement risk-detection systems like Prove’s Trust Score+ that evaluate SIM swap likelihood based on telecom data and user behaviour. Encourage users to enable app-based 2FA. Alert users of any suspicious account activity. By integrating proactive security tools, businesses can minimize the threat of SIM swap fraud and better protect their users. Conclusion SIM swap scams are a growing threat in the digital age, but awareness and proactive measures can significantly reduce your risk. Using app-based 2FA, securing your mobile account with a PIN, and limiting exposure to personal information are vital steps toward protecting your digital identity. As eSIM technology becomes more prevalent, it may further strengthen our defences against these attacks. Stay informed, stay cautious, and take control of your mobile security to avoid falling victim to this dangerous scam.

The Ghibli Art Craze: An Adorable Movement with a Secret Danger

Ghibli Art

The Ghibli Art trend has gone viral, turning real-life photos into whimsical animations, but cybercriminals are exploiting it with scams and malware. Authorities warn users to stay cautious and use only trusted platforms. The quirky new trend of Ghibli-style pictures has taken over the internet in recent weeks. From kids and influencers to famous people like Sachin Tendulkar and even official government websites, studio Ghibli’s distinctive animation style is being used to turn everyone’s real-life images into fantastical settings. However, there is a significant cybersecurity risk hidden beneath the idyllic images. The public was recently warned by the Chandigarh Police about the rise in cyber scams that use the Ghibli art craze as a lure. Why is Ghibli’s art so well-liked, and what is it? The renowned Japanese animation studio Studio Ghibli, founded by Hayao Miyazaki, Isao Takahata, and Toshio Suzuki, serves as the model for Ghibli Art. Studio Ghibli, well-known for classic movies like Spirited Away, My Neighbor Totoro, and Howl’s Moving Castle, is praised for its delicate colour schemes, emotionally charged narratives, and hand-drawn characters. Users may now quickly transform ordinary photographs into Ghibli-style illustrations thanks to the development of AI-powered tools. It’s now easier than ever to follow the trend, thanks to platforms like ChatGPT, which allow users to create up to three photos per day. How Did the Trend Go Viral? It all began when Seattle software engineer Grant Slaton created a Ghibli-style picture of his family at the beach using OpenAI’s image-generating tool. When he shared it on X (previously Twitter), it became viral, garnering millions of views and more than 45,000 likes. What started as a private post swiftly became a worldwide sensation, with others sharing their Ghibli-inspired works all across the world. The Dark Side: Cybercrime Hiding in Plain Sight The growing popularity of the fad presented an opportunity for cybercriminals. The Chandigarh Police said that criminals are now tricking people into installing malware or divulging personal information by exploiting phoney Ghibli art portals. Here’s how: Phishing Websites Phishers have created phoney Ghibli art websites that ask visitors to submit pictures. Once submitted, a photo or personal data may be stolen and used maliciously. Phishing emails Phishing emails purporting to be from Studio Ghibli are being sent to some users. These could provide links to “official” art outlets, products, or invitations to contests. However, after being clicked, these URLs have the potential to install malicious software that steals private information, including banking information and passwords. Scam Contests & Giveaways Cybercriminals are promising Ghibli-style artwork in exchange for user information through phoney online competitions and giveaways. It’s only a means of spreading viruses or gathering data. Dangerous Downloads Wallpapers or “Ghibli art packs” are available on some websites, however, the files could be infected with ransomware or viruses that lock down your computer or steal data. False Artist Listings Scammers are also using social media to pose as Ghibli fan artists. They might attempt to deceive users into disclosing personal information or offer phoney artwork.  How to Stay Safe: Tips from Cyber Experts Here are some crucial safety precautions if you’re following the Ghibli trend: When creating Ghibli artwork, only use reputable and authorized sites. Never click on strange links or dubious emails. Refrain from giving strangers access to your personal or financial information online. If a contest or deal looks “too good to be true,” it probably is. Therefore, make sure to check it out first. Inform cybercrime authorities about any dubious emails, profiles, or websites.  Final Thoughts Unquestionably stunning, the Ghibli Art movement is a celebration of creativity in the digital era. Yet, particularly on the internet, beauty frequently comes with risks. While incorporating a little fantasy into everyday life is fantastic, it’s equally crucial to remain vigilant and watchful. Go ahead and take in Ghibli’s magic, but be careful when you click. Art should be joyful, not dangerous.

Gift Card Scams: Protect Yourself from Fraudsters

Gift cards

Scammers use gift cards to trick victims into making fraudulent payments, often by posing as government agencies or businesses. Always remember—gift cards are for gifts, not payments. Gift card are for gifts not for payments. Scammers are the only ones who will advise you to purchase a gift card and provide them with the card’s back numbers.  You will never be told to purchase a gift card to pay a reputable government agency or business. Government agencies, such as the IRS, Treasury Department, FBI, or local police departments, will not accept any form of gift card as payment and will not ask you for gift card information, especially over the phone. You should never be asked to pay your utility bills, bail money, debt collection, or hospital bills with gift cards. If you are, it’s a scam. Gift cards should never be used to settle debt collection, utility bills, bail money, or medical bills. It is a scam if someone makes such a demand. How Gift Card Scams Work Scammers try to convince victims to purchase Gift cards and reveal the numbers by contacting them by phone, text, email, or social media. These are the typical strategies employed: Scammers will say it’s urgent They will warn that if you don’t pay them immediately, dire consequences will ensue. Resist the pressure to act immediately. Slow down and talk with someone you trust. Don’t pay. It’s a scam. Specifying Which Gift Card to Buy They might instruct victims to purchase a particular brand of Gift Card and sometimes even specify where to buy it. To avoid detection, scammers may direct victims to multiple stores. Some fraudsters remain on the phone with victims while they purchase the cards. If this happens, hang up immediately. Asking for Gift Card Numbers and PINs The scammer requests the numbers and PIN codes on the back of the Gift Card to access the money. Never share these details with anyone. Common Gift Card Scams Gift Card scams are usually part of larger fraudulent schemes. Scammers use different stories to manipulate victims into buying gift cards. These are a few of the most prevalent kinds: Government Impersonation Scams Fraudsters claim overdue taxes or fines by impersonating representatives of organizations such as the IRS, FBI, or local police. Gift cards are never required as payment by government entities. Tech Support Scams Scammers believe there is a problem with your computer and pose as representatives of an IT company. They may ask for remote access or demand payment via gift card for a fake repair. Legitimate tech support services never contact customers this way. Emergency Scams Someone pretending to be a friend or relative says they are in desperate need of assistance because of money problems. To sound like a loved one, some people employ voice cloning. Before answering a request, be sure everything is in order. Fake Prize Scams Scammers say you won something, but you have to use a gift card to pay taxes or other costs. Reputable awards never demand payment in advance. Utility Company Scams Fraudsters pose as representatives of water or electricity providers and threaten to cut off service unless a gift card is paid right away. This is not how utility companies work. Romance Scams Scammers build relationships on the internet before requesting gift cards as payment. Never give someone you haven’t met in person money or presents. Fake Check Scams Victims receive a check for an excessive amount and are asked to return the difference using a gift card. The check later bounces, leaving the victim out of money. How to Respond If You Gave a Scammer a Gift Card If you realize you have been scammed, act quickly: Notify the gift card company of the scam right away. Even if the scam happened some time ago, report it. Your chances of getting your money back are better the sooner you take action. Request a refund Some companies have measures in place to help scam victims recover lost funds. Always ask. Report fraud to the FTC Visit ReportFraud.ftc.gov to file a complaint. Your report helps authorities track down scammers. Contacting Gift Card Companies If you have the gift card and purchase receipt, contact the company that issued it. Below are the customer service numbers for major gift card providers: Amazon: 1-888-280-4331 American Express: 1-877-297-4438 Apple/iTunes: 1-800-275-2273 Best Buy: 1-888-237-8289 eBay: Customer Support Chat Google Play: Report fraud to Google MoneyPak: Fraud claim submission on their website ReloadIt: 1-888-633-9434 Sephora: 1-877-737-4672 Steam: Report fraud via Steam Support Target: 1-800-544-2943 Vanilla: 1-833-322-6760 Visa: 1-800-847-2911 Walmart: 1-888-537-5503 Look for your card issuer’s customer service details online or on the back of the card if they are not on the list.  How to Buy and Use Gift Cards Securely Use these precautions to avoid fraud: Purchase from reliable merchants Don’t buy from online auction sites because the cards can be stolen or counterfeit. Inspect the card before purchase Make sure the PIN is hidden and the protection stickers are still in place. Select an alternative card and notify the store employees if anything appears to be incorrect. Keep records of your purchase Save the gift card and store receipt. Take a photo of both as proof of purchase. These details will help if you need to report fraud or recover funds. Final Reminder: Stay Alert! Gift cards are for gifts, not payments. Never follow instructions to purchase a gift card. It’s a fraud if someone asks you to pay using a Gift Card. Gift card fraud can be prevented for both you and other people by remaining vigilant and knowledgeable.

Online Sextortion: What You Need to Know and How to Protect Yourself

Online Sextortion

Online sextortion is a cybercrime where scammers blackmail victims using private or intimate content. It is punishable under IPC and IT Act provisions. Online sextortion happens when a scammer threatens to post your private and sensitive information online if you don’t provide them with money, sexually suggestive photographs, or sexual favours. In addition, if you don’t agree with their demands, the criminal may use information they have stolen from technological devices to threaten to damage your friends or family. Online Sextortion is a form of online abuse where a  Online sextortion for cybercriminal uses social media, online dating apps, instant messaging apps, SMS, and porn websites, among other platforms, to trick users into participating in private audio or video conversations and coerce them into providing revealing images or posing nude. The con artists then utilize these resources to threaten, embarrass, harass, blackmail, and exploit the victims. Dangers Abuse and Exploitation Harassment Blackmail Threats of public humiliation Mental distress Modus Operandi The scammers utilize a variety of tactics to try to trick people into disclosing private information. posting messages for video/audio chat using fake accounts/profiles creating pages/ad campaigns The users get victimized when they pay for such services and pose nude or in a compromising position in video calls accepts or sends friend requests to the fake account/profile and is involved in intimate interaction posing nude in video chats, sending revealing pictures, etc., The scammer films video snaps screenshots, takes images, uses exposing images, or alters the given photos. The victim is blackmailed by the scammer, which leads to online sextortion. The users of porn sites may also fall prey to online sextortion when their chats/video calls on porn sites are used for blackmail by fraudsters. Channels used for trapping the victims into online sextortion The scammers use the above-mentioned method of operation to resort to online sextortion through a variety of avenues, such as Messaging apps Dating apps Social media platforms Porn sites etc., Warning signs indicate attempts of online sextortion by cybercriminals Repeated untoward messages/video calls from unknown number/s Repeated friend requests from an unknown person Repeated requests for private intimate pictures, video chats, photos Manipulating or redirecting the conversation toward intimate topics Rush through the things and try to develop intimacy Warning signs that may indicate victimization Signs of fear, nervousness, anxiety, depression Isolating self and being very reactive & emotional Feeling desperate and frustrated Having suicidal thoughts and self-harming behaviour. Safety tips to protect yourself against online sextortion Never share any compromising images, posts, or videos of yourself with anyone, no matter who they are Remember that the internet never forgets or forgives. Whatever you share once will always be there on the Internet in one form or another. Never accept or request friendship from unknown people on social media platforms. Turn on security and privacy options for your instant messaging apps and social media accounts. Use the “Report User” option on social media platforms to report any such Do not share your personal/private pictures publicly. When not in use, turn off your webcams and electrical devices. Use two-factor authentication with strong passwords and different passwords for different social media accounts. During an online interaction or chat, if the person on the other side is trying to rush through things and develop intimacy, then it is cause for alarm. Never let anyone use a device to record any intimate behaviour or private portion, no matter how close they are. Such data can be misused at a later stage. Never open attachments or answer video calls from strangers. Save the evidence and the screenshots for referring to the incident later. You are not alone, so don’t suffer in silence. Instead, ask for support from dependable friends and family. File a complaint against sextortion online or at your nearest cybercrime cell. Remember that you can also anonymously file an online complaint against such an offence on the national cybercrime reporting portal cybercrime.gov.in. Avoid taking private, nude, or semi-nude pictures or films using your phone as they could embarrass you if they are leaked. Several rouge mobile apps could access your gallery/storage and can be used to blackmail you. Don’t hesitate to file a complaint or contact the police due to shame, embarrassment, and self-blame. Know what the Law Says about this offence? It is a punishable offence by law and attracts sections 354 (D), 506 / 507, 509 IPC, and 384 IPC, and Sec.67 of the IT Act is also applicable. Criminals who commit such crimes typically profit from the victim’s silence and the ambiguity of the law. Everyone must therefore be aware of the portions and codes that will be useful to them in these situations. Criminal Procedure Code Section 108(1)(i)(a) enables the victim to contact the local magistrate and report the individual she feels may be spreading any pornographic material. The magistrate can arrest such a person or people and require them to sign a bond to prevent them from sharing the content. This might deter the accused. This is a quick remedial section because the victim can complain to the magistrate without any direct evidence against the accused. The Indian Penal Code’s (IPC) Section 292 incriminates anyone who uses apps or other social media to disseminate or threaten to distribute any compromising or intimate photos of another person. If a picture of the woman is clicked obscenely without her knowledge and is distributed, a voyeurism case under Section 354C of the IPC can also be filed along with the assistance of other pertinent Information Technology Act parts.

Beware of Romance Scams: Protect Yourself from Online Fraud and Heartbreak

Romance scams

Online romance scams involve fraudsters using fake profiles to deceive victims into sending money, leading to financial and emotional harm. Stay cautious, verify profiles, and report suspicious activities to avoid falling victim. In the current digital times, where even intimate relationships can be formed online, people must accept that all that meets the eye cannot be real in an online world. Instances of a prospective life partner you meet online turning out to be a fraudster and a seemingly reliable online friend becoming an offender abound. It is therefore essential that digital users exercise care and caution as well as become aware and alert while interacting online, to save themselves from a broken heart and hole in the purse. When a fraudster uses a phoney profile to trick a victim into parting with their hard-earned money under false pretences, it’s known as an online romance scam. Dangers Trapped in fake online relations Loss of Money Blackmail Heartbreak Depression Probable causes (of online romance scams) Relying on online dating ( platforms like Tinder, bumble etc., for partners. Fake profiles on matrimonial sites A rise in the use of extramarital dating apps like Gleeden and online social meeting apps like Facebook dating Loneliness or anxiety due to isolation, especially in COVID times Potential Victims Although anyone could become a victim of this fraud (Romance Scams), the following people are frequently seen as victims: Women * Middle-aged people * Widowers People with romantic idealization (Romance Scams). People with impulsiveness and relational addiction Modus Operandi A fraudster operating with a fake profile makes contact with a potential victim (and establishes a fake relation/bond.) Before registration, make sure the dating app  (Romance Scams) or matrimonial website is legitimate, and create a new email address. The fraudster convinces or makes the victims obliged to send them money online using means like gift cards, UPI payment, bank transfer, reloadable debit cards etc., on some pretext. They may seek money due to emergencies like accidents, hospitalization etc., They may ask them to invest money in bogus schemes They may convince you about good investment schemes like cryptocurrencies etc., Over time after extracting the money, they may avoid the victim completely and dump them. (Intimate pictures shared during interaction may also be used by fraudsters to extort money from victims) Warning Signs Friend requests from unknown people Expressing feelings of affection and love too soon in an online relation Being very empathetic and obliging Avoiding meeting in person Mismatch in the details shared when verified closely Seeking financial help and making requests for money/gifts on some pretext. Hypothetical Case Study In her 30s, Lata worked as a professional software developer in Hyderabad. She had registered on a popular marriage website to find a decent and attractive mate. After Rohan contacted her, Latha checked his online profile and discovered that he was a senior official at a government organization with a wealthy and well-respected family. Impressed with the profile she pursued the match with the approval of her family. After some time Rohan requested Latha to help him with some money as he was in dire need of it. Trusting him, Latha helped him out with a lot of money. It was later on when suddenly Rohan went untraceable and had switched off his mobile totally, that she identified something was wrong. After approaching the police department, she came to know that ‘Raghuveer’ alias ‘Rohan’ was a fraudster who trapped women for money and committed crimes. Safety Tips Before registration, make sure the dating app (Romance Scams) or matrimonial website is legitimate, and create a new email address. It is preferable that you do not share your details like mobile no., residential address on matrimonial sites (Romance Scams) or dating sites openly/publicly. Never share any private picture bank account or other financial details with people you have met recently. Have a thorough end-to-end background check taking ample time before you decide to proceed in relation. You can also consider taking the help of an investigation agency. Be very cautious while considering a prospective groom with an NRI profile on a matrimonial site (Romance Scams). Always personally meet the person you have known online at a public place and ask them enough questions. Never accept money requests from strangers you meet online. Do not invest in schemes etc., as per the advice received by someone you only met online; be cautious of claims/requests of exclusive investment opportunities with urgency to act fast. Always keep a neutral person informed who can gauge and assess the interaction and advise logically. Never give your bank account details, passport or identification copies, or any other private information to an unknown online person or website. Enable required privacy and security features on social media platforms and keep your information private mostly. Ensure that you do not accept friend requests by strangers at face value without proper verification. Terminate the relationship and report it if you believe it to be a scam. File a complaint about the scam at your nearest cyber crime cell and online on www.cybercrime.gov.in portal. Report or Notify the scammer on the social media site, app, or service where the scam (Romance Scams) occurred, this may help others from being victims. In case you have shared any banking-related details, follow the rules and approach the bank for necessary action. Go easy on yourself, learn the lesson and move on

Protect Yourself Online Matrimonial frauds – Information Security Awareness

Online matrimonial frauds

Online matrimonial frauds is on the rise these days, posing a huge threat to individuals looking for a partner through online platforms. Fraudsters take benefit of the vulnerabilities of unknowing people, causing them financial loss, emotional distress, and potential harm. Over two decades, online matrimonial sites have gained popularity in India where most marriages are still arranged by parents. The whole traditional matchmaking process changed and was set aside when the wave of online matrimonies came into existence. For Indian bachelors looking to explore and find a lifelong partner, online matrimonial sites offer the right fusion of modern technology and traditional Indian traditions.  This increased demand for online services that run searchable databases of marriage-related content, such as Shaadi.com, Jeevansathi.com, and Matrimony.com Ltd.  But, matrimonial sites are not completely safe. There is a possibility that you will regret not taking certain precautions. The number of people falling for marriage website scams has gone up. Dangers Financial Loss Emotional Manipulation: Identity Theft: Blackmail and Extortion: Vulnerable Groups: People Looking for Companionship: People who are searching for a relationship or who are emotionally fragile may be more prone to falling for fraudulent schemes and scams. Elderly People: Due to their possible substantial financial holdings and low understanding of contemporary technology, the elderly are frequently targeted since they may be more trusting and less accustomed to internet platforms. The present scenario Online matrimonial frauds Matrimonial sites come under ‘intermediaries’ within the IT Act 2000. They are responsible for the frauds that are perpetrated through their sites. Matrimonial sites. However these websites do not have any stringent KYC (Know Your Customer) procedures in place and hence readily accept documents/facts provided by fake profiles, which results in fraud being committed. With the increase in frauds through matrimonial sites, Cyber Law Due Diligence becomes a very important way to put an end to the use of matrimonial and dating sites as means of deception and fraud. The Information Technology Act, of 2000 is the Cyber Law of India that mandates observance of Cyber Law Due Diligence and Internet Intermediary Obligations in India. Cyber Law Due Diligence means taking proper and Reasonable Care and Caution while dealing with Online/Technological Transactions and Activities. Modus operandi With the minimal KYC/verification procedures in place to register on online matrimonial websites, the fraudster usually follows the following modus operandi: The fraudster initially creates a fake profile with attractive descriptions. In most cases, the person seems to be settled or working abroad, thus making actual meetings difficult. Later they look for gullible profiles to fall into their trick. In most cases, the targets are widows or divorced while some are elderly women looking for life partners. Also, they look for targets who are economically sound. Later, phone numbers, and email addresses are shared to increase personal communication and gain trust. Once the communication is established the fraudsters delete the profiles on the online matrimonial website and only communicate through phones, emails, or phone messengers. After gaining trust, money is demanded on various pretexts like customs clearance of costly gifts or as conversion charges for foreign currency, government clearance for diamonds, gold, or inherited wealth. All this money is asked as an online transfer and the person never meets the victim. Once they receive the money they never respond to the victim which makes it difficult to trace. Warning Signs Be alert to the red flags that can help you identify online matrimonial fraudsters: Are not willing to show their face and avoid face-to-face meetings, they are also reluctant to come on video chat, profile photo may not be theirs. Ask for a money transfer, citing some emergency, initially a small sum and later a large amount May not have a social profile or have few friends on social media Hesitate to share family/ workplace details Express “love” too quickly even before fully understanding each other The profile looks too good to be true for that person to express interest to you They call from multiple numbers. They usually don’t give a number to call back. Even if they give you a number, they don’t pick up when you call. Later, they call you back from a new number It sounds inconsistent or confusing when you ask for personal details, and their information is marked with inconsistencies. Are you in a mad rush for early marriage, without a valid reason Request for deletion of your profile immediately after getting in touch with you Ask for email username/ password or credit card/ bank account details Come up with false stories to gain sympathy How to save yourself Explore the various available online matrimonial websites Do a good Google search about the available Online matrimonial frauds platforms. Check for reviews from registered users and find a suitable one. Also, most matrimonial websites add a verified batch of profiles that are checked by their team. If you see a verified batch, you can go forward with the person without thinking much. Check out how genuine the website is before you register. Make sure the site has good reviews from registered members. Do a profile check. While you rely on online ways to find your life partner you must take this responsibility and do a thorough profile check. Check every detail carefully. Do a proper check on current and permanent address, education workplace etc. At any point you think there is a mismatch, feel free to question the other person. Once you decide to go ahead, find out whether details given about the individual’s qualification, job, family background and such details are indeed true to avoid regrets at a later stage. Verify the details mentioned in the profile you are interested in, and do a profile check on social media platforms for further information about the person. If you do not find details on any social media, it is a red flag Slow and steady wins the race Marriage is a lifetime decision and you cannot take a chance here. Life is not a race, ensure

The WhatsApp Wedding Invitation Scam: How to Protect Yourself from Digital Fraud

Digital Fraud

Sending wedding invitations is easier than ever. Digital Fraud invitations can easily replace traditional paper cards. However, this shift has opened doors for a dangerous trend: the WhatsApp wedding scam. Fraudsters are now using fake wedding invitations to target unsuspecting individuals, and you could be their next victim. In this article, you can get more information about fake wedding invitation scams. How the Fake Wedding Invitation Scam Works Imagine receiving a WhatsApp message from an unknown number. The sender claims to be inviting you to a wedding. The message feels genuine, with friendly language and attachments labeled as wedding cards. Without much thought, you tap on the file to see the invite. However, these attachments are not actual invitations but malicious APK files. Typically, APK or Android Package Kit files are used to install apps on Android devices. If these APK files are corrupted and you download and open them, you may unknowingly grant the scammers access to your device. The digital wedding Digital Fraud feels personal and believable. Weddings are joyous occasions, and most people wouldn’t suspect foul play. Scammers exploit this trust to trick you into downloading malware. How a Fake Wedding Invitation Scam Can Lead to Financial Losses If you fall victim to this digital wedding scam, you could face financial losses in the following ways: Compromised Sensitive Banking Data: Through malware, cybercriminals can extract banking information you may have saved on your phone. This could include account numbers, card details, passwords to various financial accounts, payment details saved on browsers, and auto-fill credentials. OTP Theft: Scammers can use malware to intercept messages containing OTPs. This way, they can authorize unauthorized payments or money transfers. They can also gain access to your banking and payment apps. Exploiting Payment Apps: Malware can allow scammers to access banking and payment apps. They can use the information stored in the app to steal money from your accounts. Saved card details could be used to make fraudulent transactions. Unauthorized Subscription to Paid Services: Cybercriminals may use your compromised data to subscribe to premium services, apps, or websites. These services might charge recurring fees directly to your Credit or Debit Card. Hence, you ought to check your transaction history regularly to prevent scammers from draining your funds. Account Takeover: By hijacking your financial accounts, Digital Fraud can lock you out of your accounts and steal your money. They may also use your account to conduct fraudulent activities. Therefore, you must report this immediately and protect yourself from liabilities. Identity Theft: This digital wedding Digital Fraud can also put your personal identification details at risk. Scammers can access these details saved on your phone and use them to open new accounts, apply for Credit Cards or loans, or impersonate you to commit Digital Fraud. Phishing: Malware can enable scammers to monitor your activities and create opportunities for phishing. This may include sending targeted phishing emails or messages to trick you into sharing more private information. Extortion: Fraudsters can use your data to blackmail you. They can demand ransom in exchange for not leaking sensitive photos and videos. This can lead to not only monetary losses but also emotional distress. How to Spot and Avoid the WhatsApp Wedding Scam By staying cautious, you can avoid falling victim to this fake wedding invitation scam. Here are some simple steps: Be Wary of Unknown Numbers: Be suspicious if you receive a message from a number you don’t recognize. Digital Fraud often target random users, hoping someone will take the bait. Verify the Sender: Before downloading any file, confirm its authenticity. If it’s a wedding invitation, ask the sender directly—preferably through a call or message on another platform. Avoid Downloading APK Files: Typically, you’d receive wedding invitations in the form of images, video files, or URLs as they are convenient. Legitimate wedding invitations don’t require you to download separate apps. Use Antivirus Software: You can keep your phone secure with antivirus apps for Digital Fraud. These can detect and block malware before it causes harm with Digital Fraud. Enable Security Features: Review your phone’s permissions from time to time. Make sure your apps can’t access sensitive data without your explicit consent with Digital Fraud. How Do You Know Your Phone Has Malware? Your phone may be infected with malware if you notice the following: You notice an increased number of pop-ups and inappropriate ads. You see apps you haven’t downloaded or don’t recognize. You may not be able to uninstall unrecognized apps. You notice your phone slows down or crashes often. Your contacts may receive messages that you did not send. You may see unauthorized transactions in your account due to scammers using bank details saved on your phone to subscribe to paid services. What to Do If You’re a Victim Taking prompt action can minimize the damage against this fraud on WhatsApp: Disconnect Your Phone: You must immediately switch off Wi-Fi and mobile data to limit the hacker’s access. Change Your Passwords: Update all important accounts, especially banking, email, and social media, to prevent further misuse. Alert Your Contacts: If scammers are using your WhatsApp account to send fraudulent messages, inform your contacts not to engage. Report the Incident: Don’t let cybercriminals get away. Report the scam to authorities by dialing 1930, the National Cyber Crime portal helpline in India. You can also visit https://cybercrime.gov.in to complain. Protecting Yourself in a Digital World and Stay Vigilant As the use of Digital Fraud platforms grows, scams like the WhatsApp wedding scam will only become more sophisticated. Staying informed is your best definition. *Disclaimer: Terms and conditions apply. The information provided in this article is generic and for informational purposes only. It is not a substitute for specific advice in your circumstances.