These are times in which everyone wants to shield themselves from coronavirus infection. One way to do it is to gather more information. And government agencies are doing their bit to disseminate important pieces of info too. But the global pandemic has provided an opportunity to cyber criminals as well. The government has now warned people that a large-scale cyber attack has been planned by cyber criminals in which they may use Covid-19 as a bait to steal your personal and financial information. These hackers may impersonate government agencies and send an e-mail offering a free Covid-19 test. Opening this e-mail may make you vulnerable to hacking.
The Indian Computer Emergency Response Team (CERT-In) has issued an advisory in this regard.
"Phishing campaign is expected to impersonate government agencies, departments and trade associations who have been tasked to oversee the disbursement of the government fiscal aid," says the advisory.
It further said, "Spoofed email ID which could be used for the phishing email is expected to be firstname.lastname@example.org."
The CERT-In warning advisory added that there would be a phishing email subject line like free Covid-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad.
"The malicious group claims to have 2 million individual email addresses and the attack campaign is expected to start on June 21," the Indian government stated.
"Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious les or entering personal and nancial information," CERT-In said in the latest advisory dated June 19.
"It has been reported that these malicious actors are planning to spoof or create fake email Ids impersonating various authorities," it cautioned.
CERT-In, in its advisory, outlined a list of steps for users to protect themselves, including not opening attachments in unsolicited emails even if it comes from people who are in the contact list.
It has asked users to encrypt and protect their sensitive document to avoid potential leakage. It also urged people to use anti-virus tools, rewalls and filtering services and asked them to report any unusual activity or attack immediately to CERT-In.
The government also issued preventive measures where it stated that not to open or click on attachment in un-solicited email, sms or messages through social media. It further directed to exercise caution in opening attachments, even if the sender appears to be known.
"Beware of email addresses, spelling errors in emails, websites and unfamiliar email senders," stated the advisory, warning every citizen not to submit personal financial details on unfamiliar or unknown websites or links.
"Beware of emails, links providing special offers like Covid-19 testing, aid, winning prize, rewards, cashback offers," the government advisory stated.
(With IANS inputs)