ola electric scooter delivery date

Scams luring faster Ola electric scooter delivery date on the rise

Shreshta Threat Intelligence has uncovered scams luring faster Ola electric scooter delivery date. The threat actors are launching phishing campaigns impersonating OLA , deceiving consumers into purchasing Ola electric scooters by promising a faster delivery date.

Executive Summary

As per our analysis, we conclude with high confidence that the attackers are launching phishing websites impersonating OLA Electric Scooter and tempting the potential buyers to book a scooter by promising them a faster delivery date.

Motive

We can share with high confidence that the motive of the threat actors is to harvest the user’s personally identifiable information(PII) and payment details.

About OLA Electric

ola electric scooter delivery date

Ola Electric Mobility (stylized as OLΛ ELECTRIC) is an Indian, electric two-wheeler manufacturer, based in Bengaluru, Karnataka, India. It is India’s largest electric two-wheeler manufacturer valued at around US$5.4 billion as of September 2023. It has a manufacturing facility located in Krishnagiri, Tamil Nadu which is India’s largest two-wheeler EV manufacturing factory.

Tempting buyers with a faster Ola electric scooter delivery date

Technical analysis of phishing websites impersonating OLA Electric

In this section, we will explore a few of the phishing websites impersonating OLA.

Phishing website #1 impersonating OLA Electric Scooters

Figure 1 – Screenshot of the phishing website impersonating OLA Electric Scooters

Figure 2 – Selecting “Check it out!” or “Reserve now” leads the user to the cart.

The user is prompted to click on “Continue” to book the OLA Electric Scooter

Figure 3 – Upon clicking on “Continue”, the user is asked to enter their PII

The website accepts false details and redirects the user to another page.

Figure 4 – Users are instructed to finalise the payment using the displayed bank details.

Figure 5 – The phishing website was created by using images from the OLA website.

Threat Indicators

  • The domain name olaelectric.pro was registered by Porkbun LLC 
  • Domain name registration date – December 23rd 2023
  • The domain name resolves to IP address 150.230.181.31
  • The IP address 150.230.181.31 belongs to AS31898 (Oracle Corporation)

Phishing website #2

Figure 6 – Screenshot of the phishing website impersonating OLA Electric Scooters

Figure 7 – Clicking on “Apply Now” prompts the user to enter their details

Figure 8 –  Upon clicking “Apply Now” the user is redirected to a “thank you” page

Threat Indicators

  • The domain name olaelectriccs.in was registered by Endurance Digital Domain Technology LLP
  • Domain name registration date – November 8th 2023
  • The domain name resolves to IP address 162.241.85.230
  • The IP address 162.241.85.230 belongs to AS46606 (Unified Layer)

Phishing website #3

Figure 9 – Screenshot of the phishing website impersonating OLA Electric Scooters

Figure 10 – Upon selecting “BOOK NOW,” the user is prompted to fill out a form.

The website accepts false details and redirects the user to another page

Figure 11 – Users are instructed to finalise payment using the displayed bank details.

Threat Indicators

  • The domain name olaelectricscootersbook.in was registered by Endurance Digital Domain Technology LLP
  • Domain name registration date – August 17th 2023
  • The domain name resolves to ip address 116.202.221.212
  • The IP address 116.202.221.212 belongs to AS24940 (Hetzner Online GmbH)

Network Infrastructure Analysis

Safety Recommendations

  1. Configure Browse Safe DNS Servers on your devices to block phishing, malware, cryptojacking and other cyber threats
  2. If you become a victim of cyber crime, call the national (India) cyber crime helpline 1930 or file a complaint at https://cybercrime.gov.in/ 
  3. If you are an enterprise, protect your organisation in real-time from cyber threats such as phishing, malware, newly registered domain names and other malicious communication using Shreshta DNS Firewall. Please email sales@shreshtait.com for a free 30-day trial.

Conclusion

Scams luring customers into quicker delivery of goods and services are on the rise. The threat actors mimic the genuine websites to phish the user for their personally Identifiable Information (PII) and bank details.

Indicators of Compromise

  • https[:]//olaelectric.pro/index.html#
  • http[:]//olaelectriccs.in/
  • http[:]//www.olaelectriccs.in.dhaniloanservice.co.in/
  • https[:]//olaelectricscootersbook.in/
  • https[:]//olaelectricscootersbook.in/
Website | + posts