Monday, June 22, 2020

Large Scale Phishing Attack using COVID-19 as Bait alerts CERT-In


To steal personal data (such as bank account details- debit/ credit card information) of Individuals and Businesses across the country, from 21st June 2020, a large scale phishing attack has been planned by malicious actors. This information asking the citizens to be cautious was issued by the nodal agency responsible to deal with cyber-attack threats in the country- The Indian Computer Emergency Response Team (CERT-In).

How you could be targeted?

  • Indian Citizens will be targeted through malicious ‘Emails’. 
  • These emails are likely to use COVID-19 as bait by using details of local government authorities (details such as logo, name, etc of government officers or departments those who are in-charge for various COVID-19 initiatives of the government) for making it look authentic.
  • The email will contain an external link that will drive the recipients of the email to some fake websites designed in such a way that the website may install a malicious file without the consent of the recipient of the email or may ask for entering personal or financial details on the pretext of raising fund for some government initiative.
  • As per the alert issued by CERT-IN: The Emails that will be sent might have a subject –‘Free COVID-19 testing for all residents’. 
  • The attackers could use various fake Email Accounts such as ‘ncov2019@gov.in’.

No comments:

Post a Comment