Guwahati: The Centre has warned individuals to guard against a massive phishing attack which would mimic official communication on COVID-19 pandemic and then would proceed to steal personal data and also financial information.
The Indian Computer Emergency Response or CERT-In tweeted that the phishing attack campaign by “malicious actors” is expected to start from June 21 and the suspicious email could be “firstname.lastname@example.org.”
The advisory by CERT-In stated, “The phishing campaign is expected to be designed to impersonate government agencies, departments, and trade associations who have been tasked to oversee the disbursement of the government fiscal aid.”
The malicious actors are claiming to have 2 million individual/ citizen email IDs and hence are planning to send emails with the subject of free COVID-19 testing of all residents of Delhi, Mumbai, Hyderabad, Chennai, and Ahmedabad, inciting the user to provide them with some personal information added the advisory.
These kinds of attacks aka phishing attacks usually come under the guise of trusted entities and then dupe people into opening text messages and emails. Users are then tricked into clicking the malicious link which then installs a malware or causes system freeze or even reveals sensitive information.
According to the cybersecurity agency, users must not open attachments in unsolicited emails, even if they come from people in our contact list. Moreover, one must never click on a URL contained in an unsolicited email even if the links seem benign. Given below are a few of the safety practices one must look on to.