Info-tech

Centre cautions people against massive phishing attacks starting today

Prashasti Awasthi Mumbai | Updated on June 21, 2020 Published on June 21, 2020

The Centre has asked people to be wary of any site trying to mimic official communication on coronavirus data in order to steal personal data and financial information, in what would be a massive phishing attack, an NDTV report said.

The attack will begin today and the suspicious email site could be ncov2019@gov.in, the Indian Computer Emergency Response Team or CERT-In tweeted. CERT-In, under the Information Technology Ministry, works to protect Indians from cyber threats.

"The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded Covid-19 support initiatives. Such emails are designed to drive recipients towards fake websites, where they are deceived into downloading malicious files or entering personal and financial information," CERT-In said in a statement cited in the NDTV report.

Phishing attacks are attacks where malicious entities glamour themselves as credible government portals in order to trick people into opening emails or text messages, to get hold of their personal details and sensitive information.

"...The malicious actors claim to have two million individual/ citizen email IDs and are planning to send emails with the subject free COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, inciting them to provide personal information," it said.

"...These malicious actors are planning to spoof or create fake email IDs impersonating various authorities. The email ID expected to be used for the phishing campaign is expected to be from email such as 'ncov2019@gov.in' and the attack campaign is expected to start on June 21, 2020," it said.

The cybersecurity agency said people shouldn't open attachments in unsolicited emails, even if they come from people in their contacts list. It said they shouldn't click on URLs in an unsolicited email, even if the link seems benign.

Any unusual activity or attack should be reported immediately at incident@cert-in.org.in with logs and email headers for analysis of the attacks and to take action.

Published on June 21, 2020
  1. Comments will be moderated by The Hindu Business Line editorial team.
  2. Comments that are abusive, personal, incendiary or irrelevant cannot be published.
  3. Please write complete sentences. Do not type comments in all capital letters, or in all lower case letters, or using abbreviated text. (example: u cannot substitute for you, d is not 'the', n is not 'and').
  4. We may remove hyperlinks within comments.
  5. Please use a genuine email ID and provide your name, to avoid rejection.