Technology

Massive Phishing Attacks Warning: May Imitate Communication Related to COVID-19

The government warns people to beware of a large-scale phishing attack campaign in relation to COVID-19 that might mimic government communications in order to steal crucial personal and financial information. The attack could be targeting Indian individuals and businesses.

The CERT-In advisory has mentioned that the phishing campaign is likely to employ malicious emails under the name of local authorities. They are said to look like being sent by authorities responsible for providing government-funded assistance to COVID-19 initiatives. These emails are intended to drive recipients to fake websites where they are tricked with malicious files or requests to enter personal and financial details.

The malicious hackers claim to have 2 million individual/business email IDs and are intending to send emails with a subject line that states free COVID-19 testing for all residents of Delhi, Hyderabad, Mumbai, Ahmedabad, and Chennai, urging users to provide personal data.

The CERT-In advisory has mentioned that the phishing attack is intended to be crafted to imitate government departments, agencies, and trade groups that have been asked to monitor the disbursement of financial assistance rendered by the government.

Also Read: COVID-19: GSTN Alerts Taxpayer About Fake Messages on GST Refund

The email IDs are intended to look similar to the official government domains, which could easily be mistaken by the users as to be sent by the original ones. The advisory claims that email IDs, such as “ncov2019@gov.in” could be utilised in the phishing campaign.

The government agency accountable for cybersecurity has also set out guidelines for users to keep themselves safe. It mentioned that users should not click on any URL or open attachments sent through an unsolicited email, even when it comes from someone they know. The agency has asked users to close their email and visit the organization’s website directly instead of clicking on the link received in the email.

Users are advised to check the integrity of the URL before providing login credentials. Phishing domains and emails, typically, have spelling or grammatical mistakes, so users can search for the same to remain on the safer side. 

The CERT-In advisory has asked users to not click on phishing URLs which provide exclusive deals, such as winning prizes, bonuses, or cashback offers. The advisory has also informed users to report any suspicious activity or attack at incident@cert-in.org.in with pertinent logs and other information.

For any clarifications/feedback on the topic, please contact the writer at bhavana.pn@cleartax.in.

Share

Recent Posts

Mutual Funds: SIP Inflows Breach Rs 19,000-Crore Mark for the First Time in February ’24

The systematic investment plan (SIP) contribution in February 2024 has crossed a new milestone. The monthly contribution tipped at Rs…

10 months ago

Income-Tax Return: A Brief Note on Annual Information Statement (AIS)

The Income-Tax (I-T) Department has directed taxpayers to access the Annual Information Statement (AIS) via the e-filing official portal and…

10 months ago

Mutual Funds: All About SIP and Market Fluctuations

Considering the vagaries of the stock market, investors often ponder over reevaluating their strategies. Whether to continue to remain invested…

10 months ago

Income-Tax Saving Through Strategic Life Insurance Planning

Financial planning is beyond just investing wisely to save on taxes; it's also related to protecting oneself and one's loved…

10 months ago

Income-Tax Return: Here’s a Note on Tax-Saving Avenues

A salaried individual earning up to Rs 5-15 lakh as net salary on an annual basis must first take stock…

10 months ago

A Quick Take on Equity-Linked Savings Scheme

Equity-linked savings schemes (ELSS), also referred to as tax-saving schemes, are equity funds that invest a significant portion of their…

10 months ago