Big scam happening during online shopping, government agency warns

Big Scam Happening During Online Shopping

A warning has been given by the Indian government agency CERT-In and it has been reported that with the help of many updated server framework websites and e-commerce sites, the card details and banking data of users are being stolen. Apart from this, the case of targeting users with the help of Android apps has also come up in the past.

ऑनलाइन शॉपिंग के दौरान हो रहा बड़ा स्कैम, सरकारी एजेंसी ने दी चेतावनी\

A public warning is being given by the Computer Emergency Response Team (CERT-In) of the Government of India, which is associated with fraud happening during online shopping. A credit card skimming campaign is being run on sports, health, and e-commerce websites, aimed at targeting you and emptying your account. In such a situation, users are advised to remain alert.

CERT-In has revealed in an official post that hackers are targeting websites hosted on Microsoft's IIS servers and operating on the ASP.NET web application framework. Attackers are actually taking advantage of a flaw in ASP.NET version 4.0.30319, which is no longer officially supported on Microsoft and is also easy to hack.

In an advisory, CERT-In has asked websites to immediately update web applications, servers, and database servers in addition to updating to the latest version. Websites have been asked to regularly check the webserver directories so that malicious web shell files can be detected and removed with their help before the users are harmed.


Fear of card details theft

A reference was also given to the recently shared Malwarebytes Labs report from CERT-In, in which the old flaw CVE-2017-9248 was revealed. Researchers at Malwarebytes Labs discovered more than a dozen websites that were trying to steal users' credit card details with the help of malicious code.

Attack with the help of apps

Warning mentions the outdated web server framework, and earlier there was a case of stealing card details by attacking malware with the help of malware. A cybersecurity firm called ThreatFabric has detected a new malware, BlackRock, which attacks more than 337 Android apps and is still active.

Previous
Next Post »