Skip to main content

PRIZE SCAM: If you have to pay to get the prize, it's not a prize

Awareness is necessity

Have you ever got any calls stating that you have won a prize or lottery from any online shopping website?

The chances are these calls are fraud



As a Cyber volunteer, I have analyzed some case studies of these kinds of frauds.
Let’s understand how this type of fraud happens !!

The fraudster calls you imposing as an employee from any trusted online shopping site. They try to convince you by giving you the details about your last purchase from the site, with the product and order details.

When a person believes that the fraudster is an employee from the online site, they give them attractive schemes about different prizes like laptop, T.V, mobile phones and give an option to select one prize from them.When you show some interest and select a prize from the mentioned prize, they send us a link as SMS. The link sent is the fraud link which asks for our registration details like bank details as well as personal information. While registration they ask us to pay just the shipping and handling charges to get it delivered to your place.After all the process and paying the fees you find out there is no prize.

One such case happened recently where a victim lost their ₹ 96,000/-. For such scams, tracing back fraudsters is very difficult.

So the way we can avoid such crime is by:

  1. Be aware and never believe in this kind of fraud call.
  2. No shopping website calls informing about the prize or lottery.
  3. Never give personal details, bank details or OTP over the phone to anyone.
  4. Ignore messages and calls of lottery and lucky draw. especially if you have not entered any lucky draw.
  5. Inform about such crimes on the government portals mentioned:
    • All over India- : http://cybercrime.gov.in
    • For Gujarat- :cc-cid@gujarat.gov.in
    • For cybercrime helpline- :1800-1800191 or 155260
    • For financial fraud emergency number- :100/112

Whenever we need emergency help for any physical crime we approach the police department by dialling 100, the same should be done in the case of cyber crimes too.

Labels:

Comments

Post a Comment

Please do not enter any spam link here.

Popular posts from this blog

How to Pass CompTIA Security+ SY0-701 in 2 Months (839 Score Breakdown + Resources)

How I Scored 839/900 on CompTIA Security+ SY0-701 — 2-Month Prep Strategy That Actually Worked Score: 839/900  |  Exam: CompTIA Security+ SY0-701  |  Prep Time: 2 Months  |  Total Questions: 76 (including 3 PBQs) I'm not going to sugarcoat it — CompTIA Security+ is not easy, but it is very passable with the right strategy. I cleared it with an 839 out of 900, and in this post I'll share exactly how I did it, domain by domain, so you can replicate the approach without wasting time. My 2-Month Study Plan Month 1 — Domain-by-domain study: Read, take notes, and build comparison tables and mnemonics for tricky concepts. Month 2 — Heavy practice testing: Full focus on practice tests and PBQ simulations. Time management drills every session. The biggest mistake people make is spending 90% of their time reading and only 10% practicing. I flipped that in month 2 — and it made all the difference. Domain 1 — General Security Concepts What to focu...
Post a Comment
Read more

Email Security Deep Dive: 13 Steps to Keep Your Emails Safe

Email Security Checklist The Email Security Checklist 1. Enable SPF (Sender Policy Framework) What it is: SPF is like a guest list for your email domain. It tells the world that only specific servers are allowed to send email for your domain. How it works: Publish an SPF record in DNS. When someone receives an email claiming to be from your domain, their mail server checks if the sending IP is listed in the SPF record. If the IP is not listed, the email is rejected or marked as spam. Example SPF record: v=spf1 ip4:203.0.113.0/24 include:_spf.google.com -all Only servers in the specified IP range and Google’s mail servers can send emails for this domain. Others are rejected. Points to Note: Prevents attackers from spoofing your domain and sending phishing or spam emails. 2. Enable DKIM (DomainKeys Identified Mail) What it is: DKIM is a digital signature for each email, ensuring that the message hasn’t been tampered with. Ho...
Post a Comment
Read more