The Indian government has issued a warning to businesses and individuals about a large-scale phishing attack which is aimed at extracting and stealing personal information and compromising their personal computers.
CERT-In, the Indian government’s nodal agency, has issued an advisory where it warns about malicious actors who are impersonating government agencies and trade organizations – the organizations that have been disbursing government’s fiscal aid announced to counter the COVID-19 pandemic. The agency has also added that there is a large-scale phishing attack that could begin on June 21.
The agency went to add that malicious actors behind the attack have the email IDs of nearly 2 million people and that they have an elaborate plan to lure innocent people into giving up their personal information when they send emails that contain details of free Covid-19 testing.
“The malicious actors are claiming to have individual/citizen email IDs and are planning to send emails with the subject line: free COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai, and Ahmedabad, inciting them to provide personal information,” CERT-In wrote in its advisory.
Here is what you need to do to be safe:
— CERT-In has sent out a caution which said that the attackers could use email IDs which includes ‘firstname.lastname@example.org’ to trick users. Avoid opening emails with suspicious attachments.
— You have to encrypt or protect all your important files and documents.
— Always keep an open eye for spelling errors in emails, websites, as well as unfamiliar email senders. Typically, Phishing emails always have typos or spelling errors in the subject line or even the body. Be vigilant about the suspicious email IDs.
— You also have to check the integrity of the URL before you give any personal details.
— Never give your credentials on the websites which you are not familiar with.
— At all times, use firewalls, antivirus software and spam filters.