Cyber criminals become hyper active during festivals. Diwali is no exception. They have now started luring unsuspecting users into a trap, which is built around the festival of lights.

“Malware authors and spammers are diverting innocent users to fake shopping, gifting and travel sites. It’s not difficult to fall prey to an out of the world offer,” Shantanu Ghosh, Vice-President and Managing Director (India Product Operations) of Internet security solutions company Symantec.

Cyber-attackers make use of social engineering tactics to lure users to purchase from or register on unknown websites. Users may be exposing personal information to Internet scammers. “We advise users to be cautious when handling unsolicited offers or unexpected emails related to Diwali,” he said.

Shantanu said cyber criminals attempt to ‘poison’ web search engine results to take advantage of huge rush in search activity during popular events. “We have observed that cyber attackers are using various techniques to make the most of Diwali,” he warned.

There were instances where recipients were offered memberships to reputable holiday clubs. “Since people tend to travel during the holidays, we found many URLs redirecting users to travel-related sites. These kinds of spam messages have been around for quite some time. There could be rise in the messages with Diwali approaching in a few days,” he cautioned.


“Before giving into the temptation of clicking on a link in an email, check whether it is an unsolicited email offer and whether it is this website authentic. “You can safely ignore such mails that ask for unnecessary personal information such as passwords or pin numbers,” Symantec said.