Shreshta Threat Intelligence has uncovered scams luring faster Ola electric scooter delivery date. The threat actors are launching phishing campaigns impersonating OLA , deceiving consumers into purchasing Ola electric scooters by promising a faster delivery date.
As per our analysis, we conclude with high confidence that the attackers are launching phishing websites impersonating OLA Electric Scooter and tempting the potential buyers to book a scooter by promising them a faster delivery date.
We can share with high confidence that the motive of the threat actors is to harvest the user’s personally identifiable information(PII) and payment details.
About OLA Electric
Ola Electric Mobility (stylized as OLΛ ELECTRIC) is an Indian, electric two-wheeler manufacturer, based in Bengaluru, Karnataka, India. It is India’s largest electric two-wheeler manufacturer valued at around US$5.4 billion as of September 2023. It has a manufacturing facility located in Krishnagiri, Tamil Nadu which is India’s largest two-wheeler EV manufacturing factory.
Tempting buyers with a faster Ola electric scooter delivery date
Technical analysis of phishing websites impersonating OLA Electric
In this section, we will explore a few of the phishing websites impersonating OLA.
Phishing website #1 impersonating OLA Electric Scooters
Figure 1 – Screenshot of the phishing website impersonating OLA Electric Scooters
Figure 2 – Selecting “Check it out!” or “Reserve now” leads the user to the cart.
The user is prompted to click on “Continue” to book the OLA Electric Scooter
Figure 3 – Upon clicking on “Continue”, the user is asked to enter their PII
The website accepts false details and redirects the user to another page.
Figure 4 – Users are instructed to finalise the payment using the displayed bank details.
Figure 5 – The phishing website was created by using images from the OLA website.
- The domain name olaelectric.pro was registered by Porkbun LLC
- Domain name registration date – December 23rd 2023
- The domain name resolves to IP address 126.96.36.199
- The IP address 188.8.131.52 belongs to AS31898 (Oracle Corporation)
Phishing website #2
Figure 6 – Screenshot of the phishing website impersonating OLA Electric Scooters
Figure 7 – Clicking on “Apply Now” prompts the user to enter their details
Figure 8 – Upon clicking “Apply Now” the user is redirected to a “thank you” page
- The domain name olaelectriccs.in was registered by Endurance Digital Domain Technology LLP
- Domain name registration date – November 8th 2023
- The domain name resolves to IP address 184.108.40.206
- The IP address 220.127.116.11 belongs to AS46606 (Unified Layer)
Phishing website #3
Figure 9 – Screenshot of the phishing website impersonating OLA Electric Scooters
Figure 10 – Upon selecting “BOOK NOW,” the user is prompted to fill out a form.
The website accepts false details and redirects the user to another page
Figure 11 – Users are instructed to finalise payment using the displayed bank details.
- The domain name olaelectricscootersbook.in was registered by Endurance Digital Domain Technology LLP
- Domain name registration date – August 17th 2023
- The domain name resolves to ip address 18.104.22.168
- The IP address 22.214.171.124 belongs to AS24940 (Hetzner Online GmbH)
Network Infrastructure Analysis
- Configure Browse Safe DNS Servers on your devices to block phishing, malware, cryptojacking and other cyber threats
- If you become a victim of cyber crime, call the national (India) cyber crime helpline 1930 or file a complaint at https://cybercrime.gov.in/
- If you are an enterprise, protect your organisation in real-time from cyber threats such as phishing, malware, newly registered domain names and other malicious communication using Shreshta DNS Firewall. Please email email@example.com for a free 30-day trial.
Scams luring customers into quicker delivery of goods and services are on the rise. The threat actors mimic the genuine websites to phish the user for their personally Identifiable Information (PII) and bank details.
Indicators of Compromise