China-based hackers are running a malicious free gift campaign to collect personal user data. Cybersecurity researchers have revealed that the campaign is pretending to be an offer from Tata Motors, the biggest automobile manufacturing company in India,
The campaign is pretended to be an offer from Tata Motors but hosted on the third-party domain instead of the official website of Tata Motors which makes it more suspicious,.This malicious campaign being operated on a fake website is titled Tata Motors Cars, Celebrates sales exceeding 30 million
The report states that these malicious links collect confidential data about users including their browser and system information as well as the cookie data. Moreover, the prizes of the malware-ridden campaign have been kept attractive to trick people.
The landing page on the website displays a congratulations message with a photo of a Tata Safari car. Users are asked to participate in a quick survey to get a free TATA Safari vehicle.
The report further states that after completing all the attempts, a message appears stating “Congratulations! You did it! You won the TATA SAFARI!” Users are then instructed to share the campaign with their friends on WhatsApp.
User doesn’t actually end up winning the car, the page simply keeps redirecting the user to multiple advertisements webpages. It should be noted that the campaign is completely fake and users should be careful when clicking on links that they are not aware of or that seem shady.