A WhatsApp forward is making the rounds, “₹ 500 Balance For Every Indian. Modiji Giving Free Balance. Click here http://balance.modi-gvt.in“. When one clicks on the link, it takes you to a webpage which asks for your name, phone number, mobile service operator (Airtel, Idea, Vodafone etc.) and which state you belong to. There’s a prominent ‘Recharge Now’ button at the end of the form. Right below this button, there’s a running ticker of partly obfuscated numbers with the title “Latest Successful Recharge“. At the top, it says “देश बदल रहा हैं। (Desh Badal Raha Hai)”, a slogan that has often been used by PM Modi/BJP in its campaigns.
The web design of this site is optimized for mobile users. The messaging such as invoking PM Modi in the WhatsApp chain message and the slogan ‘Desh Badal Raha Hai’ are optimisations well thought out to scam mobile internet users who are newly introduced to smartphones, technology, Internet and haven’t yet figured out the perils of the world of Internet. The possibility of getting something for free makes even those who are otherwise wary of such websites try out their luck. After all, the only personal information that is being traded is a mobile number and a name. For those who do submit the form after inputting all the personal details, no ‘free balance’ is received, ever. However, they do end up giving up their name and phone number to some unknown person who’s running this scam.
We traced the origins of this website and we found that the person who’s created balance.modi-gvt.in operates a host of such scam sites. We’re listing a few of them here.
online-sale.in (freejio.online-sale.in, jiosim.online-sale.in)
The person who has created these websites and is making them viral via WhatsApp is probably getting thousands of names and mobile numbers which he/she can trade with advertising/marketing companies and make money. The other source of income would be the advertisements on the site. Quite a successful business model. We traced the person who’s running these websites under a variety of email addresses. However, we are not sure if the identity that is being used to run these sites is an original identity or a stolen identity. Hence, we decided not to reveal the identity of the person. It is for the law enforcement agencies to look into such scams and act upon them as soon as possible.
Many other copy-cat websites like the ones above have come up with identical web design and we are listing them below. We feel that these websites are probably handled by other individuals as we could not find any web traces connecting the next set of web sites to the previous ones.
There’s another person who has registered a series of domain names with email addresses that fit a pattern and is also running scams likes the ones mentioned above.
jio-internet-speeder.com is registered with email address email@example.com
free-net-recharge.com is registered with email address firstname.lastname@example.org
jio-net-speeder.com is registered with email address email@example.com
jio-unlimited-net.com is registered with email address firstname.lastname@example.org
… and so on.
While all of the above websites want to scam people into trading their personal information such as names and phone numbers, the more dangerous kinds are the ones that will try and install malware into your phone/computer. For eg, if one goes to trickybuzz.com, it will show a pop-up message stating “Congratulations Phone User आपको मिल गया हैं Nude Scanner Camera!”. It then asks you to download an application by pressing the “Download” button. DO NOT CLICK ON THE BUTTON. It is a phone malware.
Websites like free-4gb-netpack.com and camera-nude-scanner.asia show the picture of a nude woman on the front page, ask if you wish to chat with a hot girl. Then, they make you answer a questionnaire and convince you to share the website multiple times over WhatsApp to unlock ‘hot girls in your area’.
There are thousands of such scams which are being propagated via WhatsApp. The research for this article took just a few hours. India’s multiple law enforcement agencies with their cyber cells have much more bandwidth to go after these scamsters and bring them to the book. So, the obvious question is, how does a person who has been running multiple scammy sites over a longish period of time get away without our law enforcement agencies taking note?