The Indian government has warned of an imminent threat of a massive phishing attack targeting unsuspecting citizens. According to the Indian Computer Emergency Response Team (CERT-In), malicious actors could imitate government organizations to steal sensitive personal data and financial information in a coordinated attack that is expected to start this week.
To carry out the campaign, the attackers will reportedly impersonate government agencies tasked with disbursing COVID-19 relief. In a statement, Cert-In said: “The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded Covid-19 support initiatives. Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information.”
CERT-In issued advisory on COVID 19-related Phishing Attack Campaign by Malicious Actors. pic.twitter.com/x8WO3TseCM
— CERT-In (@IndianCERT) June 20, 2020
Of course, the fake websites and the people running them have no affiliation with any government agency. So, any information shared with them by unsuspecting users might be used to siphon off money from their accounts. These phishing emails could target up to 20 lakh (2 million) email IDs belonging to individuals and small organizations.
The emails will apparently target people in Delhi, Mumbai, Hyderabad, Chennai, and Ahmedabad. The attackers are reportedly sending emails with the subject ‘Free COVID-19 Testing’ to lure users into revealing personal information. Apparently, the senders’ email-IDs have been specifically designed to deceive people into mistaking them with official government IDs. For example, email ID like ‘ncov2019@gov.in’ could be used in the phishing attack, said the agency.
There is an imminent threat of a massive phishing attack in India by Lazarus, the North Korean hacking group, starting today.
The hackers will claim free COVID-19 testing for all residence of Delhi, Mumbai, Hyderabad, Chennai, and Ahmedabad in return for their personal info. pic.twitter.com/R3pQAQLO3i
— Beebom (@beebomco) June 22, 2020
To protect themselves from becoming victims, people shouldn’t download or open attachments from unsolicited emails. In fact, it’s best not to click on any URL whatsoever within such emails. Even if everything seems to be genuine, best practice dictates that you access the page by going directly to the agency’s official website.