Fake ‘Wai Wai Gift’ Link Goes Viral on Facebook, Users at Risk of Hacking

Kathmandu. In recent days, a scam link that claims Wai Wai noodles will gift Rs 5000 on the occasion of its anniversary has been going viral on the social media platform Facebook. Clicking on this link out of financial temptation increases the risk that the user's bank account, WhatsApp, and Facebook accounts will be hacked.

When you open the viral link, the first thing that appears is a fake website that looks like Wai Wai’s official page. Fake comments with Nepali names and photos have been posted there to convince users. The website asks some questions and then prompts users to a ‘gift box.’

The first time it is shown as empty, but the second time it is shown as containing a tempting prize of five thousand rupees. It is mandatory to share the link with five groups and 20 friends via Viber, Messenger, or WhatsApp to receive the money. While the sharing process is underway, it is possible that the website steals sensitive data from the user's device.

After sharing, the user is prompted to click on various buttons to verify their mobile number. Clicking on those buttons leads the user to various betting, adult, and malware websites. Through such ‘rotary links,’ scammers earn money by increasing website traffic.

How are wallets and bank accounts emptied?

As soon as a user enters their login details in hopes of receiving a gift, that information goes directly to the scammer's database. Immediately after, the scammer tries to log in using those details on the official wallet or banking apps.

For security, the official OTP code sent by the bank to the user's mobile is tricked into being entered on the fake website by the scammer. As soon as the user enters the code, the scammer gains full access to the account and withdraws money illegally.

How to identify this as a scam?

There are plenty of reasons to be suspicious of this:

• Suspicious URL: Even though ‘waiwai’ is written at the beginning of the website link, random letters are placed at the end. Official company domains do not contain such irregular patterns. 

• Fake company name: ‘Wai Wai Inc’ is listed as the provider; however, there is no official company by that name in Nepal.

• There is no anniversary: In fact, Wai Wai has not set any particular date as its ‘anniversary’.

• Lack of official information: The company has not provided any information about gifting Rs 5,000 on its official website, social media, or any other communication medium.

This type of activity is technically called ‘phishing.’ Phishing is carried out in a very clever way, where emails or links that appear genuine are sent to steal the user's personal and financial information. A single wrong click can install ransomware on the device, allowing the hacker to take control of the entire network.

How to be protected from such cyber attacks?

Although some phishing attempts are difficult to identify, you can stay safe by paying attention to the following points:

1.  Do not rush and stay cautious: Do not rush when you see tempting offers on the internet. Attackers always take advantage of your haste and tendency to trust. 

2.  Check links and domains: Before clicking on any link, hover your mouse or finger over it to preview the URL. Consider whether it goes to the official website or the correct domain.

3. Check the credentials: Carefully check whether the address of the message or email you received is official or not. Even a single letter error in the name can indicate that it is fake.

4. Do not give your password and OTP: No official organization or company will ever ask for your password or OTP. If someone sends a link asking for your username or password, do not follow it; instead, go directly to the browser and open the company's official site.

पछिल्लो अध्यावधिक: चैत १५, २०८२ १४:३१

टिप्पणीहरू