As coronavirus continues to make destruction across the globe, here is the new threat that has arisen in the cyber world with respect to COVID-19.
The new advisory circulated by Indian Government stating that there is a subtle chance of phishing attack across small, large and enterprise industries from 21st June 2020
What is Phishing Attack:
Phishing is a fraud plan to obtain sensitive information like usernames, passwords, and financial details from users by entitling them as a trustworthy entity over the internet such as email spoofing, instant messenger.etc
How it is related to CoronaVirus:
As circulated By the Indian Government, The potential phishing attacks were expected to start on June 21 where attackers are likely to use the email ID “firstname.lastname@example.org.”
This phishing attack campaign is supposed to occur through spam emails under the subject of COVID-19 Government funds and initiatives
Such emails are designed to participate in people to support aid for COVID-19 in various formats which may attack an individual person.
The CERT also states that the attackers are claiming to have over 20 lakh email IDs and they are planning to send spam emails with the subject ‘free COVID-19 Testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad’, encouraging them to provide personal and financial information.
It is our moral responsibility to be careful against this unsolicited campaign by taking precautionary measures to avoid attack by the phishing attempts being as an individual
The basic preventive measures include not to open attachments or a URL in untrusted emails, or to encrypt sensitive documents which will get stored on internet-connected devices, which are supposed to use anti-virus tools, firewalls, and filtering services.
1. Don’t open or click on the attachment in E-mail, SMS or messages through Social Media which seems suspicious to you
2. Do not submit personal or financial details such as credit card,debit card,ATM PIM information on unknown websites/links
3. Beware of e-mail addresses which sounds you unfamiliar, spelling errors in e-mails, especially grammar, symbols, etc
4. Be cautious in opening attachments, even if the sender appears to be known
5. Do not participate in any email campaign which includes a cash prize, discounts, lottery title
You can also report any unusual activity on the below email:
email@example.com with necessary details or visit CERT official website