Festive-themed scams spike around Ganesh Chaturthi, with fraudsters using fake online idol sellers, cloned e-commerce sites, lottery and gift scams, fake event tickets, and fraudulent UPI/payment requests to steal money and personal data. Reported incidents include large financial losses from fake sweet orders, virtual darshan apps, and fraudulent contribution collectors, highlighting the need to verify sellers, avoid suspicious links, and report fraud promptly. #Utsav #TiwariMithaiwala
Keypoints
- Scammers create fake websites, social pages, and WhatsApp groups to sell eco-friendly Ganesh idols, often redirecting users to WhatsApp for social engineering.
- Lottery, lucky-draw, and gift scams ask victims to share personal details or pay processing fees for non-existent prizes (example: a fake ₹3 crore lottery promotion).
- Fake shopping ads and cloned e-commerce sites (e.g., thekitstore.in, sale-bigdeal.site) lure buyers with deep discounts and steal payment information.
- Fraudulent delivery/shipping alerts and fake courier messages trick victims into paying urgent fees or authorizing UPI transfers via malicious links or QR codes.
- Seniors are frequently targeted; reported incidents include a ₹1.38 lakh sweet-order scam and unauthorized debits after QR-code UPI payments for festival contributions.
- Fake event passes, fake loan/0% EMI offers, and virtual darshan apps have been used to collect payments without delivering services.
- Recommended defenses include buying from verified sellers, checking URLs and HTTPS, avoiding unknown links, enabling 2FA, verifying payee names on UPI, and reporting fraud to the National Cyber Crime Reporting Portal.
MITRE Techniques
- [T1589] Gather Victim Identity Information – Fraudsters collect personal details via fake lottery/prize notifications and gift claims: “…Congratulations! You have won a Ganesh Chaturthi prize worth ₹10,000… to claim the prize, victims are asked to share personal details…”
- [T1192] Spearphishing Link – Scammers send malicious links in SMS/WhatsApp to steal payments or credentials: “…you may receive a WhatsApp or SMS claiming that the parcel is ‘stuck’ and requires an urgent delivery fee… directed to click on a malicious link…’”
- [T1531] Account Access via Social Engineering – Impostors pose as support or relatives to obtain OTPs/PINs and authorize transactions: “…If a caller or message asks for your bank OTP or PIN to ‘confirm delivery’ or ‘process payment,’ do not comply…’”
- [T1395] Clone Phishing – Creation of fraudulent websites and sponsored ads that mimic real brands to collect payment details: “…The phishing website resembles an e-commerce… the ad redirects users to a fraudulent website which mimics a legitimate e-commerce platform…’”
- [T1406] Watering Hole – Use of festival-themed pages, promoted ads, and templates to lure a broad set of victims searching for Ganesh Chaturthi deals: “…A sponsored ad uses a Ganesh Chaturthi Basic Pooja kit template to lure victims and redirect them to a scammer-controlled website…’”
Indicators of Compromise
- [Domain ] fraudulent e-commerce sites used to defraud shoppers – thekitstore.in, sale-bigdeal.site
- [URL ] phishing redirect links used in ads and social posts – https://sale-bigdeal.site/website?… (example full redirect link shown)
- [App/Name ] malicious or fake apps and vendors used in scams – “Utsav” app (virtual darshan scam), “Tiwari Mithaiwala” (fake sweet order)
- [Payment method ] UPI/QR fraud context – QR-code UPI payment leading to unauthorized debits (example: fake Ganesh Mandal contribution QR prompted multiple unauthorized debits)
- [Social media page ] recently created/low-engagement pages used to promote scams – Instagram pages with zero likes running sponsored ads (context: fake JBL earbuds and festival offers)