The incident came to light when Delhi-based tech expert Kartic Rakhra's tweeted about what happened to the man, his grandfather's attendant.
There are genuine websites and then there are fake ones. And these fake websites are mostly created by scammers to steal user's personal information. In most cases, their hard earned money.
This is exactly what happened to a man in his twenties based in Delhi. The incident came to light when Delhi-based tech expert Kartic Rakhra's tweeted about what happened to the man, his grandfather's attendant.
What’s the story?
Going by Rakhra's tweet thread, the attendant appears to be someone who uses several kinds of apps like MXPlayer, UCBrowser and Sharechat and consumes all types of content. Like any other smartphone user.
While scrolling through UCBrowser, he found an ad that caught his attention. The ad detailed a Flipkart sale, where Oppo F11 Pro was selling at Rs 2,999. The phone is now priced at Rs 16,990 in India.
Image: kartic rakhra)
On the official Flipkart website the Oppo F11 Pro is listed with the original price and no such discount is available. That being the case how did the ad displayed on UC Browser show the phone with lower price? Of course, because this was a fake ad.
Unfortunately, the man clicked on the ad and that took him to a fake website with lots of other alluring deals like MacBook Pro at Rs 10,000, and more.
What happened after this..
Rakhra claims the website (which was supposedly flipkart.cc) looked exactly like the original Flipkart website, which misguided the attendant. The only way he found that it's a fake website is by some of the spelling errors, which definitely doesn't happen on a genuine website. However, despite these signals, the attendant still decided to make the purchase.
After clicking on the Buy Now option the page took him to the payment page which had a message stating "Please ensure that you only pay for goods or services that you have already received. Never make any advance payment to any non-trusted merchant or stranger who provides the link through WhatsApp, Facebook, Instagram, OLX ads or SMS/calls for any offers or prizes as it may be a scam."
Image: kartic rakhra)
The attendant -- like most buyers would do -- didn't take the alert seriously (which he should have) and proceeded to make the payment.
On clicking Continue the page showed "Payment to Agrawal Sweets" which triggered him. Since the attendant trusts Flipkart as a website, he ignored that message too and continued with the payment. Rakhra said the attendant approached him only when the website didn't let him pay via Google Pay and only accepted payment through PayTM. He didn't have a PayTM account. He didn't make the payment.
On seeing the alert message, the attendant should have paused the purchase. But that's not what he did. So, firstly the buyer's should take these warnings seriously. But we have to accept that these ads are ideally not targeted at those who can do this due diligence.
Talking about Paytm’s cyber security initiatives and how the company is fighting cyber frauds, a Payments Bank spokesperson told indianexpress.com: "We are at the forefront of fighting online frauds and have a dedicated team of over 200 cyber security and fraud detection experts. Our team works 24x7 to monitor transactions and take action whenever they detect any fraudulent activity. Also, we are continuously adding new security features to combat such frauds."
Image: kartic rakhra)
"We have been educating and informing customers to not fall prey to such 'too good to be true' offers. We warn our users never to make any advance payments to any non-trusted stranger or merchant."
"We encourage them to report all such incidents to us and also to the crime branch so we can take concrete action against these fraudsters." "Our cyber cell department is connected to police crime branches to effectively tackle cyber frauds as and when they are reported. We are constantly working to inform customers to safeguard themselves from such incidents,” the spokesperson added.
Fake Ad is removed. Does this solve the problem?
The Ads team at UC Browser told indianexpress.com that they have removed the ad from their platform, so no one else falls for it. The UC Browser spokesperson said: "We have removed the mentioned Ad from our platform on an immediate basis and launched an internal review of the advertising mechanism that led to this. User experience and benefit remains our top priority."
But does that solve the key problem? Well, it definitely doesn't.
What experts say
Satyajit Sinha, Research Analyst with Counterpoint Research explained "a constant check for fake websites/apps by digital companies and E-commerce is one of the key precautionary measures" that will keep the user safe online.
Flipkart said it has a stringent process to check for fake and phishing sites. "At Flipkart, a large part of our efforts are directed towards ensuring our customers are educated and well-informed. We have a robust continuous process in place to monitor, identify and take legal action against fake/lookalike domains, phishing sites and fraudulent websites, apps and social media pages that attempt to bring disrepute to Flipkart by impersonating our brand and thereby cheating and defrauding our customers and the public at large."
"Internally, we also have processes directed at safeguarding our customers’ information," the e-commerce giant explained. "Within Flipkart, we have constituted a dedicated Brand Protection Council, which is a cross-functional team of experts from disciplines such as information security, application security, legal, compliance, communications, customer experience and customer support. The role of this group is to assess, monitor, report and take legal action against perpetrators of such fraudulent activities as well as take preventive measures through systems, technologies and customer education. In the past year, we have reported and taken down a number of such fraudulent online sites."
What buyers must know
If such teams and councils are already there why are fake website scams rising with every passing day? We hear about one or the other almost every other day.
Well, the companies are not to be blamed completely. It’s the buyer’s responsibility as well. Buyers must note that it is very difficult to keep track of everything on the Internet. It is also the buyer's responsibility to keep themselves safe in the bad world of the web.
Sinha suggests some tips to stay safe online. He says that the users must first take a close look at the URL for domain spelling. For instance, the URL of the reported fake website was flipkart.cc. The original website URL is https://www.flipkart.com/. Second, users must always look for Padlock Icon or HTTPS in URL. Third, users should check for website certificate details and trust seals. And lastly, in case of suspicion, check for google safe browsing site status, by heading to this link.
Beware and stay safe in the bad world of the internet.