The government of India has announced the possibility of a huge phishing attack campaign related to Covid-19 which is out to steal personal data and financial information. As per reports, the attack is targeted at individuals as well as businesses and is supposed to have begun on June 21st.
CERT-In has issued an advisory in a report that says that the phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded Covid-19 support initiatives. It mentioned that such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information.
This means that the campaign would be identifying itself as government authorities and extract confidential information with fake government IDs. An example given by CERT-In is email IDs like “[email protected]” that should be avoided.
A tactic used by cybercriminals to fool people into giving their money or computer access is known as phishing. While the definition can be narrowed down to a crime, there are many facets to it. The motive behind the attack, the amount of ransom demanded and the channel of communication used can have varied and long-lasting consequences.
There have been some guidelines given by cybersecurity agency CERT-In :
- Don’t open attachments or click on URLs in an unsolicited email
- Look out for grammar or spelling mistakes in the mail or website URL
- Exciting offers can be scams, check before you click on the link
- Report anything that you find suspicious at [email protected]
What are other online scams that one should beware of during COVID?
Amid all of its other controversies, Facebook has also been victim to a lot of clone scams on its platform. Closed accounts or fake accounts of real individuals have been used by cybercriminals to extract personal information out of people.
Photos that are public ar being used by them to set up new accounts and chat with their friends pretending to be the real user. Through chatting, they are asking personal questions to acquire sensitive information about the person.
A good way to avoid this would be making your account private and hiding all pictures. Another way would be staying alert if any of your friends are behaving weird or tell you about suspicious friend requests.
Employment Opportunities scams
At an unfortunate time like this, a lot of people will out looking for better job opportunities because they are either laid off or want to move closer to home. Cybercriminals feed on such vulnerability and target such individuals with job opportunities.
If you receive an offer letter that is too good to be true, then be alarmed. An offer letter will give an official letterhead and account for every detail with an explanation. Plus, it might not be as good as you would want it to be.
Be careful about such scams as they might convince you to make an online transaction for confirmation of the job role or something else. Don’t make any transactions until you have all the details and have verified with your employer personally.
Online Shopping scams
We are compromised to only online shopping during this time as physical businesses will take some time to open. Moreover, avoiding contact with people is crucial to one’s survival. As we are moving to social media platforms and e-commerce websites for regular shopping, you need to be very careful about discounts.
If the discounts are too huge and offering very exciting offers, then you must verify the URL it is asking you to click on. There can be messages on WhatsApp too that are rushing you to buy something. Flowery language and unbelievable good discounts are mostly a way for scammers to trick you into clicking on the malicious links.
A government warning of phishing scams is serious enough so being alert at a time like this is essential. While cybercrime is on a rise, we ourselves should inculcate precautionary measures in our daily internet usage to be safe. It will help come out of an attack quicker than when you are not prepared at all.
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]