Indian E-Commerce Naaptol Fraud Website Hacked By Krishnadev P Melevila
False Lottery Claim And Data Leak From Authentic E-commerce Company
Kothamangalam, Kerala - Date: 15-06-2021
Krishnadev is a cyber security expert form state of Kerala in India. Krishnadev had purchased a product from Naaptol online, 2 Years back, which is a leading e-commerce platform in india. Recently he got a letter from Naaptol stating he had won almost Rs.750000/- for Naaptol online lottery draw based on their 21st anniversary. But the condition to claim the prize is to pay a fixed amount of Rs.7500/- as tax to government in advance. Then only one can claim the prize amount. "The Letter seems to be authentic and it have the company seal and logo" Krishnadev Said. Krishnadev first tought it was authentic. But as he is a cyber security expert his eyes got trapped in the website link provided along with the letter. So he just surf on it. At first impression itself proved that the site is complete fraud.
Krishnadev just enumerated the whole site http://naaptolonlineprize.com/ and found that the site is just basic one, no reputed company websites look like this. He tried many attacks on the site. Finaly he came to the conclusion that this website is vulnerable to sql .
He know it is not legal to get into ones website without their permission. He is very aware of it, as it is his proffession. So he decided to send detailed report including his findings as mail to ICANN (The Internet Corporation for Assigned Names and Numbers), the authority who controlls domains and ip addresses of website.
At the 4th day, Krishnadev got reply back from ICAAN stating they need more proofs.. This same method of fraud happend many years repeatedly.. so he was easy to grab some news reports...he reinvestigated it one more time.. and he find that the same fraud was happening every year and no law enforcement officials can't able to find the culprits behind this till now.. so Krishnadev sourced as much evidence of this case and send to ICANN.
At 5 th day from the second mail send, Krishnadev got reply from ICANN stating that his findings were true and ICAAN had taken action against the website and the website was banned by ICAAN.
But the actual problem is not there.... How personal datas including name,email,phone number etc.. leak from such reputed companies? Are they selling it? Is it legal to send personnel datas?
Krishnadev again investigated the case. "My finding is Naaptol sells our data otherwise Naaptol is itself behind this fraud activity. These are the two main possibility of this cyber crime. Anyway i had done my part now it is time for action from officials " -Krishnadev said.
As the COVID-19 impacted such cases are increasing day by day. so the only way to stop is proper action from officials and people..
Indian data protection law is behind the international curve. The country’s data protection laws largely consist of: a statutory provision for payment of compensation for failure to protect sensitive personal information; and a criminal provision for disclosure of personal information without the data subject’s consent or in breach of a contract. However, both provisions apply only if a wrongful gain or loss results from the disclosure or breach.
Media Contact
Krishnadev P [email protected]+919961234873Melevila House pothanicad PO Pothanicad Kothamangalamhttp://scourgaurdz.in