Rising Phishing Scams Targeting the Indian Electric Vehicle Industry

Business

CloudSEK investigates Electric Vehicle related phishing campaigns exploiting advances in the sector, and Google Ads, to steal users’ data and money

New Delhi (India), March 2: CloudSEK today released Unearthing the Million Dollar Scams Targeting the Indian Electric Vehicle Industry, highlighting a large-scale phishing campaign targeting Electric Vehicle (EV) consumers and businesses. It is notable that the scams increased considerably after the production-linked incentive (PLI) scheme, for electric and hydrogen fuel cell vehicles, was approved by the cabinet in September 2021.

CloudSEK’s in-depth investigation has revealed that scammers are exploiting Google Ads to misdirect users to phishing sites that collect users’ data and money. With each site defrauding users of INR 200,000—400,000, in booking fees and down payments, the scam has so far cost the Indian public over INR 40— 80 Million.

Overview of the Phishing Campaign

Since the second half of 2021, CloudSEK’s flagship digital risk monitoring platform XVigil has detected a spike in phishing campaigns impersonating EV manufacturers and dealerships. Scammers propagate this scheme by:

  • Registering fake domains that resemble legitimate domains of EV manufacturers and marketplaces.
  • Creating Google Ads for the fake domains, and manipulating SEO, such that these ads are top results for generic searches as well as searches for specific EV brands .
  • Directing users clicking on these ads to phishing domains that impersonate the content and images of legitimate websites.
  • Collecting users’ information and money in the guise of reservation/ booking fees for a vehicle or a security deposit, through phishing websites, to become an EV dealer.

Impact on Consumers and EV Companies

The phishing campaign has already cost the Indian public over INR 40— 80 million, and this value is expected to increase significantly in the future. Apart from financial loss, users also share Personally Identifiable Information (PII) and banking details, which can be leveraged to orchestrate other social engineering campaigns, and even identity theft. For EV companies, these phishing websites lead to direct loss of business, reputation, and credibility. This could also lead to a general decline in the adoption of e-mobility, an already unfamiliar technology, if users’ first touch point in a phishing campaign.

Addressing Threats to the Growing EV Sector in India

EV companies can mitigate the threats posed by these phishing scams by running awareness campaigns to educate users/ customers about the ongoing scams. They can also report the campaigns to the Cyber Crime Cell. In addition, businesses that are part of the EV sector can implement real-time monitoring of phishing domains with XVigil to identify and suspend phishing websites spoofing their business.

CloudSEK is an AI-driven Digital Risk Monitoring Enterprise. CloudSEK’s XVigil platform helps clients assess their security posture in real-time from the perspective of an attacker. XVigil scours thousands of sources (across the surface, deep and dark web), to detect cyber threats, data leaks, brand threats, identity thefts, etc. To learn more about CloudSEK XVigil, visit cloudsek.com.

149 thoughts on “Rising Phishing Scams Targeting the Indian Electric Vehicle Industry

  1. Hello, Neat post. There is a problem along with your website in internet explorer, might check this… IE still is the market chief and a big component to other people will miss your magnificent writing because of this problem.

  2. The core of your writing while sounding reasonable originally, did not really settle properly with me personally after some time. Someplace within the sentences you managed to make me a believer but only for a very short while. I still have a problem with your leaps in assumptions and one would do nicely to help fill in all those gaps. In the event you actually can accomplish that, I will surely be amazed.

  3. You really make it seem really easy together with your presentation but I find this matter to be really something that I feel I’d never understand. It kind of feels too complicated and extremely vast for me. I’m having a look forward on your subsequent publish, I¦ll try to get the grasp of it!

  4. Hey! I know this is kind of off topic but I was wondering if you knew where I could get a captcha plugin for my comment form? I’m using the same blog platform as yours and I’m having trouble finding one? Thanks a lot!

  5. Unquestionably believe that which you stated. Your favorite reason seemed to be on the internet the easiest thing to be aware of. I say to you, I certainly get annoyed while people think about worries that they just do not know about. You managed to hit the nail upon the top and also defined out the whole thing without having side-effects , people could take a signal. Will probably be back to get more. Thanks

  6. I’m really impressed along with your writing abilities and also with the format on your weblog. Is this a paid theme or did you modify it yourself? Either way keep up the nice high quality writing, it is rare to peer a nice weblog like this one nowadays..

  7. I discovered your blog site on google and examine a number of of your early posts. Proceed to keep up the very good operate. I simply further up your RSS feed to my MSN News Reader. Searching for ahead to studying more from you later on!…

Leave a Reply

Your email address will not be published.