Debunking the Free Recharge Scam: Protecting Yourself from Misuse of TRAI's Name

Research Wing
Research Wing
Innovation and Research
PUBLISHED ON
Jul 31, 2024
10

Executive Summary:

Cyber incidents are evolving along with time, they are designed to attract and lure people through social networking sites and/or messaging services. In the recent past a spate of messages alleging that TRAI is offering ‘3 months free recharge with free voice calls and internet for 4g/5g with 200 GB free data’. These messages display the TRAI logo with attractive offers to trick the users into revealing their personal details. This blog discusses the functioning of this free mobile recharge scheme, its methods and guidelines on how to avoid such fake schemes. This blog explains the importance of vigilance and verification when receiving any links, emphasizing the need to report suspicious activities and educate others to prevent identity theft and protect personal information. 

Claim:

The message circulated an  enticing offer: free mobile recharge for 3 months which provides unlimited  free voice calls with 200GB 4G/5G data with TRAI logo. The key characteristics of the false claims are

  • Official Branding: The logo of TRAI has been viewed as a deceptive facade of credibility. 
  • Unrealistic Offers: It is accompanied by a free recharge , which is intended for an extended period indefinite period, like most fraudsters’ bait. 
  • Urgency and Exclusivity: The offer is for a limited time to make urgency forcing the receiver to take the offer without confirmation. 

 The Deceptive Scheme:

Organized systematically, the fraudulent campaign usually proceeds in several steps, all of which aim at extracting  the victim’s personal data. Here’s a breakdown of the scheme:

1. Initial Contact:  Such messages or calls reach the users’ inboxes or phone numbers through social media applications such as WhatsApp or through text messages. These messages further implies that the user was chosen for the special offer from TRAI, which elicits the interest of the user. 

 2. Information Request: To claim the purported offer, users are directed to a website or asked to reply with personal details, including:

  •  Phone number 
  •  State of residence 
  •  SIM provider details 

This is useful for the scammers as they harvest information which can be used to conduct identity theft or sold to others on the shady part of the internet known as the ‘Dark Web’. 

3. Fake Confirmation: After providing all the information, a congratulatory message appears on the screen showing that their phone number is eligible for the offer. The user is compelled to forward the message to many phone numbers through whatsapp to get the offer. 

 4. Pressure Tactics: The  message often implies a sense of time constraint or fear which psychologically produces pressure to provide all the user information. For example, users are given messages such as that if they do not ‘act now’, they will lose their mobile service. 

Analyzing the Fraudulent Campaign 

The TRAI fraudulent recharge scheme case depicts that  social engineering is used in cyber crimes. Here are some key aspects that characterize this campaign:

  • Sophisticated Social Engineering 

Scammers take advantage of the holders’ confidence in official bodies such as TRAI. By using official TRAI logos, official language they try to deceive even cautious people. 

  • Viral Spread 

The user is compelled to share the given message to friends and groups; this is an excellent strategy to spread the scam. It not only spreads the fraudulent message but also tries to extract the details of other people. 

  • Technical Analysis
  • Domain Name: SGOFF[.]CYOU
  • Registry Domain ID: D472308342-CNIC
  • Registrar WHOIS Server: whois.hkdns.hk
  • Registrar URL: http://www.hkdns.hk
  • Updated Date: 2024-07-24T18:50:48.0Z
  • Creation Date: 2024-07-19T18:48:44.0Z
  • Registry Expiry Date: 2025-07-19T23:59:59.0Z
  • Registrar: West263 International Limited
  • Registrar IANA ID: 1915
  • Registrant State/Province: Anhui
  • Registrant Country: CN
  • Name Server: NORMAN.NS.CLOUDFLARE.COM
  • Name Server: PAM.NS.CLOUDFLARE.COM
  • DNSSEC: unsigned

Cloudflare Inc. is used to cover the scam. The real website always uses the older domain while this url has been registered recently which indicates that this link is a scam.  

Img source: Virus Total

The  graph indicates that some of the communicated files and websites are malicious.

CyberPeace Advisory and Best Practice:

In light of the growing threat posed by such scams, the Research Wing of CyberPeace recommend the following best practices to help users protect themselves: 

1. Verify Communications: It is always advisable to visit the official site of the organization or call the official contact numbers of the company to speak to their customer care and clarify about the offers. 

2. Do not share personal information: No genuine organization will call the people for personal information.  Step carefully and do not provide personal  information that will lead to identity theft when dealing with such offers. 

3. Report Fraudulent Activity: If one receives any calls or messages that seem to be suspicious, then the user can report cyber crimes to the National Cyber Crime Reporting Portal on www. cybercrime. gov. in or call on 1930. Such scams are reportable and assist the authorities in tracking and fighting the vice. 

4. Educate Others : Always raise awareness among friends by sharing these kinds of scams. Educating people helps to avoid them falling prey to such fraudulent schemes. 

5. Use Reliable Resources :  Always refer to official sources or websites for any kind of offers or promotions.

Conclusion:

The free recharge scheme for 3 months with the logo of TRAI is a fraudulent scam. There is no official information from TRAI or in their official website about this free recharge scheme. Though the scheme looks attractive, it is deceptive.  Through this, the scammers are trying to collect personal details of the individual. Before clicking any links, it is necessary to check the authenticity of the information, report these kinds of incidents to spread awareness among people. Always be safe and be vigilant.  

PUBLISHED ON
Jul 31, 2024
Category
#FactCheck
TAGS
#
#FactCheck

Related Blogs