#FactCheck - Philadelphia Plane Crash Video Falsely Shared as INS Vikrant Attack on Karachi Port

Introduction

As the 2024 Diwali festive season approaches, netizens eagerly embrace the spirit of celebration with online shopping, gifting, and searching for the best festive deals on online platforms. Historical web data from India shows that netizens' online activity spikes at this time as people shop online to upgrade their homes, buy unique presents for loved ones and look for services and products to make their celebrations more joyful.

However, with the increase in online transactions and digital interactions, cybercriminals take advantage of the festive rush by enticing users with fake schemes, fake coupons offering freebies, fake offers of discounted jewellery, counterfeit product sales, festival lotteries, fake lucky draws and charity appeals, malicious websites and more. Cybercrimes, especially phishing attempts, also spike in proportion to user activity and shopping trends at this time.

Hence, it becomes important for all netizens to stay alert, making sure their personal information and financial data is protected and ensure that they exercise due care and caution before clicking on any suspicious links or offers. Additionally, brands and platforms also must make strong cybersecurity a top priority to safeguard their customers and build trust.

Diwali Season and Phishing Attempts 

Last year's report from CloudSEK's research team noted an uptick in cyber threats during the Diwali period, where cybercriminals leveraged the festive mood to launch phishing, betting and crypto scams. The report revealed that phishing attempts target the e-commerce industries and seek to damage the image of reputable brands. An astounding 828 distinct domains devoted to phishing activities were found in the Facebook Ads Library by CloudSEK's investigators. The report also highlighted the use of typosquatting techniques to create phony-but-plausible domains that trick users into believing they are legitimate websites, by exploiting common typing errors or misspellings of popular domain names. As fraudsters are increasingly misusing AI and deepfake technologies to their advantage, we expect even more of these dangers to surface this year over the festive season.

CyberPeace Advisory

It is important that netizens exercise caution, especially during the festive period and follow cyber safety practices to avoid cybercrimes and phishing attempts. Some of the cyber hygiene best practices suggested by CyberPeace are as follows:

• Netizens must verify the sender’s email, address, and domain with the official site for the brand/ entity the sender claims to be affiliated with. 
• Netizens must avoid clicking links received through email, messages or shared on social media and consider visiting the official website directly. 
• Beware of urgent, time-sensitive offers pressuring immediate action. 
• Spot phishing signs like spelling errors and suspicious URLs to avoid typosquatting tactics used by cybercriminals.
• Netizens must enable two-factor authentication (2FA) for an additional layer of security.
• Have authenticated antivirus software and malware detection software installed on your devices. 
• Be wary of unsolicited festive deals, gifts and offers. 
• Stay informed on common tactics used by cybercriminals to launch phishing attacks and recognise the red flags of any phishing attempts.
• To report cybercrimes, file a complaint at cybercrime.gov.in or helpline number 1930. You can also seek assistance from the CyberPeace helpline at +91 9570000066.

References

1. https://www.outlookmoney.com/plan/financial-plan/this-diwali-beware-of-these-financial-scams
2. https://www.businesstoday.in/technology/news/story/diwali-and-pooja-domains-being-exploited-by-online-scams-see-tips-to-help-you-stay-safe-405323-2023-11-10
3. https://www.abplive.com/states/bihar/bihar-crime-news-15-cyber-fraud-arrested-in-nawada-before-diwali-2024-ann-2805088
4. https://economictimes.indiatimes.com/tech/technology/phishing-you-a-happy-diwali-ai-advancements-pave-way-for-cybercriminals/articleshow/113966675.cms?from=mdr

‍

Executive Summary:

Social media is buzzing with a link  that claims to offer an iPhone 15 as a gift from LuLu Hype­rmarket, presente­d as part of Holi celebrations. This article e­xamines the deceptive tactics behind this fraudulent offe­r and provides guidance on recognizing and avoiding such scams.

False Claim:

The link be­ing shared is misleading and falsely claims that LuLu Hype­rmarket is giving away free iPhone­ 15 phones. This is taking advantage of the Holi fe­stival to trick unsuspecting people. Whe­n users click on the link, they are­ redirected multiple­ times and end up on a page with LuLu Hype­rmarket's photo and some simple que­stions. Fake comments are also use­d to make the offer se­em genuine, but it is all a de­ception.

The Deceptive Scheme:

The plan uses psychological tricks by linking the offe­r to a famous brand and a popular celebration. The landing page's simplicity and phoney comments try to make users trust it and fe­el like they ne­ed to act fast, so they'll join the scam.

The Fraudulent Campaign Analysed:

The­ scammers are using psychological tactics to manipulate pe­ople. They're e­xploiting the trust people have­ in LuLu Hypermarket and the e­xcitement around the ne­w iPhone 15 during the Holi festival. The­ fake questionnaire se­rves no real purpose, but it's a way to e­ngage users and make the­ scam seem legitimate­. Testimonials claiming people have­ successfully receive­d the iPhone 15 are also fake­, designed to create­ a false sense of cre­dibility. Users are prompted to se­lect a "gift box," which adds an interactive e­lement to draw them in furthe­r. When a user sele­cts a box, they're falsely congratulate­d on winning the iPhone 15, giving them a se­nse of accomplishment. Finally, users are­ urged to share the link via WhatsApp to "claim" the­ gift, spreading the scam to more pote­ntial victims.

What do we Analyse? :

• We analyse the deceptive tactics employed by the scam, including psychological manipulation, false engagement techniques, and fake testimonials, all aimed at convincing users of the offer's legitimacy.

Link : (https://sophisticate­ddistort[.]top/nTiwpTTTT526?llue1696559991144)

• It is important to note that at this particular point, there has not been any official declaration or a proper confirmation of an offer made by Lulu Hypermarket So, people must be very careful when encountering such messages because they are often employed as lures in phishing attacks or misinformation campaigns. Before engaging or transmitting such claims, it is always advisable to authenticate the information from trustworthy sources in order to protect oneself online and prevent the spread of wrongful information
• The campaign is hosted on a third party domain instead of any official Website of LuLu Hypermarket, this raised suspicion. Also the domain was registered last year.
• The intercepted request revealed a connection to a China-linked analytical service, Baidu in the backend.

‍

‍

• Domain Name: sophisticateddistort.top
• Registry Domain ID: D20230629G10001G_04181852-top
• Registrar WHOIS Server: whois.west263.com
• Registrar URL: www.west263.com
• Updated Date: 2023-07-01T02:55:34Z
• Creation Date: 2023-06-29T06:05:00Z
• Registry Expiry Date: 2024-06-29T06:05:00Z
• Registrar: Chengdu west dimension digital
• Registrant State/Province: Shan Xi
• Registrant Country: CN (China)
• Name Server: curt.ns.cloudflare.com
• Name Server: harlee.ns.cloudflare.com

Note: Cybercriminal used Cloudflare technology to mask the actual IP address of the fraudulent website.

CyberPeace Advisory:

• Do not open those messages received from social platforms in which you think that such messages are suspicious or unsolicited. In the beginning, your own discretion can become your best weapon.
• Falling prey to such scams could compromise your entire system, potentially granting unauthorised access to your microphone, camera, text messages, contacts, pictures, videos, banking applications, and more. Keep your cyber world safe against any attacks.
• Never, in any case, reveal such sensitive data as your login credentials and banking details to entities you haven't validated as reliable ones.
• Before sharing any content or clicking on links within messages, always verify the legitimacy of the source. Protect not only yourself but also those in your digital circle.
• For the sake of the truthfulness of offers and messages, find the official sources and companies directly. Verify the authenticity of alluring offers before taking any action.

Conclusion:

During the festive season, as we engage in merrymaking and online activities, we should be mindful of fraudster's exploitation strategies. Another instance is the illegitimate Lulu Hypermarket offer of the upcoming iPhone 15. With the knowledge and carefulness, we can report any suspicious actions to avoid being victims of fraud in this way. Keep in mind the fact that legitimate offers are usually issued by trustworthy sources while if, the offer looks too good to be true, then it is rather a scam.

‍

‍

‍

Executive Summary

‍

Recent claims circulating on social media allege that an Indian Air Force MiG-29 fighter jet was shot down by Pakistani forces during "Operation Sindoor." These reports suggest the incident involved a jet crash attributed to hostile action. However, these assertions have been officially refuted. No credible evidence supports the existence of such an operation or the downing of an Indian aircraft as described. The Indian Air Force has not confirmed any such event, and the claim appears to be misinformation.

Claim

A social media rumor has been circulating, suggesting that an Indian Air Force MiG-29 fighter jet was shot down by Pakistani Air forces during "Operation Sindoor." The claim is accompanied by images purported to show the wreckage of the aircraft.

‍

‍

Fact Check

‍

The social media posts have falsely claimed that a Pakistani Air Force shot down an Indian Air Force MiG-29 during "Operation Sindoor." This claim has been confirmed to be untrue. The image being circulated is not related to any recent IAF operations and has been previously used in unrelated contexts. The content being shared is misleading and does not reflect any verified incident involving the Indian Air Force.

‍

‍

After conducting research by extracting key frames from the video and performing reverse image searches, we successfully traced the original post, which was first published in 2024, and can be seen in a news article from The Hindu and Times of India. 

‍

A MiG-29 fighter jet of the Indian Air Force (IAF), engaged in a routine training mission, crashed near Barmer, Rajasthan, on Monday evening (September 2, 2024). Fortunately, the pilot safely ejected and escaped unscathed, hence the claim is false and an act to spread misinformation.

‍

‍

Conclusion

‍

The claims regarding the downing of an Indian Air Force MiG-29 during "Operation Sindoor" are unfounded and lack any credible verification. The image being circulated is outdated and unrelated to current IAF operations. There has been no official confirmation of such an incident, and the narrative appears to be misleading. Peoples are advised to rely on verified sources for accurate information regarding defence matters.

‍

• Claim: Pakistan Shot down an Indian Fighter Jet, MIG-29
• Claimed On:  Social Media
• Fact Check: False and Misleading