Beware of this fake Paytm website that promises over ₹2,000 as a ‘cashback’ offer: Here's how it works
Another day, another fake website claiming to offer free cashback offers. Here's what the site does and how you can stay safe.
Digital payments have become a boon long before the arrival of the novel coronavirus pandemic, becoming even more useful ever since lockdowns have forced many people to remain indoors. Unfortunately, the country has also seen a rise in cyber fraud and incidents of criminals taking advantage of unwitting users to cheat them of their money. The latest such scam reportedly doing the rounds involves popular payment app Paytm in the form of a fraudulent cashback offer.
The new scam is directed at users who are unaware of how phishing sites work, and is delivered to users in the form of a browser notification that directs users to a fraudulent website paytm-cashoffer[dot]com, as reported by the Indian Express. We were able to confirm the existence of the site, which works on all mobile browsers.
The report is unclear about which site the notification is delivered from, as Chrome makes it mandatory for sites to request permission before delivering notifications to a user. This means that the notification is probably being delivered as a notification from an otherwise legitimate site – or at least one that the user trusts enough to grant the notification permission.
The notification, in this case, says “Congratulations! you have won Paytm Scratch Card,” according to the report. Once the user clicks on the notification, they are taken to the website paytm-cashoffer[dot]com which is obviously a fake, fraudulent website that has been created to trick users by using similar design and colour elements from the official Paytm website.
On the website, users who do not notice the non-official URL at the top of the website will see a message saying they have won over ₹2,000 as cashback, along with a large light blue “Send Reward to Paytm” button at the bottom of the screen. The report says that the scam only works on a mobile phone, which means that the scammers behind the website are aiming to target mobile users.
At the time of publishing this article, typing the URL into the browser on a computer takes a user directly to the official Paytm website instead of displaying the scam website. Users are advised not to visit the fraudulent site or forward it to their contacts.
However, the scam website is still visible to mobile users and clearly displays a new fraudulent amount of ₹2,000 – the value keeps changing every time one refreshed the page. Keep in mind that entering your personal information on any third party website like this one can result in the loss of your data or your funds.
Users can protect themselves by educating themselves about cybersecurity online, making sure they never enter their personal details on unknown websites and keep in mind that “real” cashback offers (like this one) are only available from inside the official Paytm app and not from third-party websites. They must also be careful about any unofficial links and never click on any notifications or links in messages or emails promising free cashback or rewards in order to remain safe online.