Tech scams have been in existence for a long time through cold calls and fake online pop-up ads and have affected a lot of users who gather content through online platforms on a regular basis. People who go through such scams do acknowledge that the cost of these scams go beyond monetary loss and have LED to higher stress levels in humans.
But a scam appears to be more harmful when it happens right in front of your eyes and when the scammer offers you details that only a legit company would. In a rather alarming incident, I was indirectly on the receiving end of such a scam as a guy disguising himself as a Flipkart employee contacted my father, claiming that he had a gift from the e-commerce portal.
The caller offered a “Tata Safari” as a gift from Flipkart and asked whether we’d want the car or an equivalent amount in cash as the prize. For the process to be complete, the caller demanded that a processing fee be paid for the car to be delivered from New Delhi to the current location. My father, realising this was another incident of scam, played smart and countered saying why would big-name companies like Flipkart and Tata need a mere service charge for sending prizes to their customers. The scammer knew his game ended as soon as he heard it and ended the call.
But there’s a shocking revelation to this incident. While scam calls aren’t exactly a new phenomenon, the number of details that were shared about the previous order was unreal.
Not only did the scammer correctly ask for the customer by calling out the name initially, but he also tried to be more convincing when he asked whether my dad had ordered “that particular item” from Flipkart. The item was a piece of furniture and the caller knew exactly what the item was, right down to its make and model.
What was more even more appalling was that the scammer, as means to be credible, enquired whether the item had been received. The prank could have lured a layperson since the call came just a day after the item was delivered and only a genuine entity would know so much about what you had ordered.
This brings us to ask what might have gone wrong and to say that it was Flipkart’s fault would only be an understatement. While such online fraud schemes have been in existence for more than a decade, the mere thought that the caller on the other end knew so much about what you had shopped for and whether the item was delivered, means a huge security breach on Flipkart’s part.
There’s either a breach in the Flipkart’s system which has been exploited by hackers to conduct online fraud or there’s also a possibility that employees of Flipkart are selling the user data of several customers. This data could be anything from a user’s name to their address, phone number and the items they purchased in the past.
The latest incident comes just days after reports claimed that close to 1.4 million accounts of online buyers were breached, that in India alone. The breached accounts were lured into paying service charges in order to receive fake lucky draw prizes and other expensive gifts against the item they had purchased online, similar to what happened in this case.
Within moments of the incident, I reached out to Flipkart but I haven’t yet received a reply on the matter. There’s one thing to allow a data breach and it’s a whole different issue when the problem isn’t being acknowledged by the concerned entity. This begs the most important question in this case, is Flipkart actually breaching your privacy?