The next time someone says Namaste to you on your mail, it is time that you are on guard. Cyber criminals across the world have now realised that there is a large Hindi speaking population across the globe and for the first time have adopted the language to send out spam mails.
Symantec which has done a study to this effect has for the first time observed spam emails – using the “419 “ or “Nigerian” technique – in Hindi. This represents a paradigm shift in 419 scams, which users around the world have learnt to be wary of. While these messages were earlier predominantly in English, even when targeting Indian users, it shows that spammers have become extremely specific about their target.
Over the past few years, India has increasingly become the target for cybercriminals – from phishing and spam attacks around Diwali, to the more recent Cricket World Cup, India-specific events are being used to fool users in the country into parting with their money and information.
Furthermore, Hindi is widely spoken not only in India, but Pakistan, Bangladesh, Nepal, Bhutan, and among Indian Diaspora settled around the world. This is a clear indication of the fact that Asia ranks high on the cybercriminal’s target, especially countries like India with a rapidly growing internet population.
Gaurav Kanwal, Country Sales Manager, India, Consumer Products and Solutions, Symantec says that another factor that makes Hindi an attractive medium for cybercriminals is the possibility of first-time or emerging Internet users in India being more comfortable with their mother tongue, and therefore more easily deceived. This is a classic example of “social engineering” – where the attacker does not exploit any vulnerability in the system, but rather dupes the victim into revealing sensitive information.
While German, Spanish and other European languages are routinely used in scams, the discovery of the first Hindi spam reinforces the fact that India – where 35% of spam in the region originated, and the 6th ranked country for malicious code in 2010 – is rising on the cybercriminal’s radar.