Indian Govt. Warns of Massive Phishing Attack Promising COVID-19 Aid, Free Testing

Jun. 22, 2020

The Indian government has warned of animminent threat of a massive phishing attacktargeting unsuspecting citizens. According to the Indian Computer Emergency Response Team (CERT-In), malicious actors could imitate government organizations to steal sensitive personal data and financial information in a coordinated attack that is expected to start this week.

To carry out the campaign,the attackers will reportedly impersonate government agencies tasked with disbursing COVID-19 relief. In a statement, Cert-In said:“The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded Covid-19 support initiatives.Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information.”

CERT-In issued advisory on COVID 19-related Phishing Attack Campaign by Malicious Actors.pic.twitter.com/x8WO3TseCM

Of course, the fake websites and the people running them have no affiliation with any government agency. So, any information shared with them by unsuspecting users might be used to siphon off money from their accounts. These phishing emails could target up to 20 lakh (2 million) email IDs belonging to individuals and small organizations.

To protect themselves from becoming victims,people shouldn’t download or open attachments from unsolicited emails. In fact, it’s best not to click on any URL whatsoever within such emails. Even if everything seems to be genuine, best practice dictates that you access the page by going directly to the agency’s official website.

Passionate techie. Professional tech writer. Proud geek.