Infected Websites

How Infected Websites Works

Scammers create malicious websites, often during peak shopping seasons, that are designed to steal personal information. These sites typically feature excessive ads and images, and are laden with viruses and malware.

How This Scam Works — Detailed Explanation

Scammers target victims by creating infected websites that mimic legitimate e-commerce platforms, especially during busy shopping seasons like Diwali or festivals such as Eid. They often leverage tools like social media platforms, messaging apps like WhatsApp, and email to reach a wide net of potential victims. By advertising deals that appear too good to be true, they attract unsuspecting individuals who are eager to score bargains. A simple click on a link shared via WhatsApp, often in group chats or personal messages that seem trustworthy, can lead users directly to these malicious sites.

To manipulate victims further, these scammers employ psychological tactics that trigger fear of missing out or urgency. They often design their pages to look remarkably similar to well-known e-commerce sites like Flipkart or Amazon, featuring countdown timers that suggest limited-time offers. This creates a sense of urgency encouraging users to take immediate action, often bypassing any critical thinking. Additionally, excessive pop-up ads and fake testimonials reinforce the illusion of credibility, making victims believe they are browsing a trustworthy site, while the reality is far from it.

Once a victim unwittingly engages with these infected websites, the consequences begin to unfold rapidly. After entering personal information such as their name, phone number, and bank details through forms that appear legitimate, the scammers capture this data for malicious purposes. In one recent case, a user from Mumbai thought they were purchasing a popular electronic item online. After providing UPI details, they realized their bank account was drained shortly after completing the transaction, with approximately ₹2 lakh lost due to the scam.

The real-world impact of infected websites in India is alarming. Reports from CERT-In indicate that cybercrime has surged, with victims losing as much as ₹12,000 crore in various scams over the last year alone. Phishing attacks, including those using infected websites, comprise a significant portion of these scams. The Ministry of Home Affairs (MHA) has issued guidelines on how to remain safe online, but many still fall prey to these tactics. With only a few proactive steps, victims can significantly reduce their chances of encountering these scams.

To differentiate between a legitimate and malicious site, users should look out for telltale signs: check for “HTTPS” in the URL, avoid sites laden with pop-up ads, and scrutinize the web content for spelling errors or a disorganized layout. Furthermore, if an offer seems excessively generous or the site is asking for unusual amounts of sensitive information, it’s best to verify the offer through official channels. Always remain vigilant and informed to combat these phishing scams effectively.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Infected Websites Target?

General public across India

Red Flags — How to Identify Infected Websites

• malware
• phishing
• fake websites
• online shopping
• data theft

What To Do If You Encounter Infected Websites

1. Report any suspicious activity immediately by calling the cybercrime helpline at 1930 or visiting cybercrime.gov.in.
2. Contact your bank's customer service (SBI: 1800-11-1109, HDFC: 1800-202-6161) to report unauthorized transactions.
3. Change your online banking passwords and consider enabling two-factor authentication for added security.
4. Regularly monitor bank statements and UPI transactions for irregularities and report them to your bank without delay.
5. Educate family and friends about the dangers of infected websites and encourage them to stay cautious while shopping online.
6. Install reliable antivirus software and keep it updated to shield your devices from malware and phishing attempts.

How to Report Infected Websites in India

• Call 1930 — National Cyber Crime Helpline (24x7)
• File a complaint at cybercrime.gov.in
• Contact your bank immediately if money was lost
• Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my UPI ID on a phishing site?

Immediately contact your bank's helpline (SBI: 1800-11-1109, HDFC: 1800-202-6161) and report the incident. Also, change your UPI PIN and consider freezing your account temporarily.

How can I identify an infected website before I enter any information?

Look for signs like poor grammar, excessive ads, and a URL that doesn't match well-known sites. A legitimate site will also have clear contact information and reviews.

How do I report an infected website in India?

You can report scams related to infected websites by calling 1930 or visiting cybercrime.gov.in, where you can find specific guidelines for reporting fraud.

What steps should I take to recover money lost in an infected website scam?

Contact your bank immediately to freeze your account and investigate the transactions. If funds are lost, they can guide you through the recovery process; filing a complaint with cybercrime is also essential.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.