Indian Govt’s Cyber watch dog CERT-In warned against individuals and businesses for large-scale cyberattacks, COVID-19 will be used as a bait by attackers to steal personal & financial info.
CERT-In issued an advisory warning that the potential phishing attacks could mock government agencies, departments, and trade bodies that have been tasked to supervise the expenditure of govt tax aid.
The phishing attacks are expected from today that is 21 June 2020 with cyber attackers using email IDs such as “[email protected]”, it added. The e-mail may look as follows:
The attackers may send malicious e-mails under the pretext of local officials that are in charge of distributing govt-funded COVID-19 schemes.
Cybercriminals are finding new ways to bypass Google security.
“Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information,” Indian Computer Emergency Response Team (CERT-In) said in its latest advisory dated 19 June.
Visit CERT-In Website > Advisories > Advisories of the Year 2020 > CERT-In Advisory CIAD-2020-0040.
The advisory mentioned that the “malicious actors” are claiming to have emailID of 20 lakh citizens and the Subject line may say: free COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad in a bid to coax users to disclose personal information.
“It has been reported that these malicious actors are planning to spoof or create fake email IDs impersonating various authorities,” it cautioned.
CERT-In, in its advisory, contains a list for users to follow to protect themselves, which includes not opening attachments in unknown emails even if it is being sent from a person in your contact list.
It also asked users to encrypt and protect their sensitive documents to avoid potential leakage.
It is also recommended to use anti-virus tools, firewalls, and filtering services and to report any unusual activity or attack immediately to CERT-In.