Days after the Australian government said that it is grappling with massive cyber attacks from a state-based actor, the Indian Computer Emergency Response Team (CERT-In) has warned of a largescale cyber attack against individuals and businesses. The cyber security agency said that the attackers may use malicious e-mails under the pretext of local authorities dispensing government-funded Covid-19 support initiatives.

“Such e-mails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information,” CERT-In said in its advisory dated June 19.

The advisory said that the hackers are claiming to have 2 million individual/citizen e-mail IDs and are planning to send an e-mail with the subject line: free Covid-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad in a bid to coax users to disclose personal information.

“...These malicious actors are planning to spoof or create fake e-mail IDs impersonating various authorities. The e-mail ID expected to be used for the phishing campaign towards Indian individuals and businesses is expected to be from e-mail such as ‘’ and the attack campaign is expected to start on June 21,” it said.

According to a PwC report, the number of cyber attacks on Indian organisations doubled in March 2020, from January 2020. “The current crisis gives hackers and threat actors the most suitable opportunity to launch cyber attacks as countries worldwide are busy dealing with the pandemic. They are utilising this opportunity to exploit organisations,” the report said.

The Australian Prime Minister Scott Morrison last week confirmed Australia has been the target of increased cyber attacks by a foreign entity, describing it as a “sophisticated, state-based cyber actor”. The Australian Strategic Policy Institute has alleged that the attack was likely to have been launched from China. China has termed the allegation as baseless.