Fact Check: Govt Warning Of Massive Phishing Attack Is Real

"The cybercriminals are claiming to have 2 million individual/citizen's email IDs and are planning to send emails with the subject 'Free COVID-19 testing' inciting personal details," reads the viral graphic.

According to the message, the following cities are at risk from this phishing campaign: Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad.

The Logical Indian received several requests to authenticate the claim.

Claim:

A phishing attack is expected to be launched from June 21 onwards in major metropolitan cities of the country.

Fact Check:

The claim is true.

According to an NDTV report, the government has cautioned people regarding a massive phishing attack that could seem like an official communique on the COVID-19 pandemic. The intention of the attack is to steal personal data and financial details.

The phishing attack campaign by "malicious actors" was expected to start on June 21, and the suspicious email could be ncov2019@gov.in, the Indian Computer Emergency Response Team or CERT-In had tweeted on their official Twitter account.

The CERT-In under the Information Technology Ministry is tasked with protecting Indians from cyber threats.

"The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded COVID-19 support initiatives. Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information," CERT-In said in a statement.

"...The malicious actors are claiming to have two million individual/citizen email IDs and are planning to send emails with the subject free COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, inciting them to provide personal information," it added.

"...These malicious actors are planning to spoof or create fake email IDs impersonating various authorities. The email ID expected to be used for the phishing campaign towards Indian individuals and businesses is expected to be from email such as 'ncov2019@gov.in' and the attack campaign is expected to start on June 21, 2020," it said.

Below is the entire statement:

Phishing is one of the oldest forms of cyberattack that uses disguised email as a weapon. The goal is to hoodwink the email recipient into believing that the message is something they want or need. It could be a request from their bank or a note from someone in their company.

What Are The Steps You Can Take For Protection?

According to cybersecurity agency, people must not open attachments in unsolicited emails, even if they come from known contacts.

One must not click on URLs in an unsolicited email, even if the link seems benign.

Any unusual activity or attack should be reported immediately at incident@cert-in.org.in with logs and email headers for analysis of the attacks and for taking action.

Below is a screenshot of the full list of recommendation issued by the Government:

According to researchers at CYFIRMA, a cybersecurity firm that provides threat visibility and vulnerability assessment solutions for enterprises, an investigation into the Lazarus Group, a known hacker group sponsored by North Korea, for many years have revealed detailed plans indicating an upcoming global phishing campaign.

"There is a common thread across six targeted nations in multiple continents – the governments of these countries have announced significant fiscal support to individuals and businesses in their effort to stabilize their pandemic-ravaged economies," reads the report.

The aim of the Lazarus Group's upcoming phishing campaign is to impersonate government agencies, departments, and trade associations who are tasked to oversee the disbursement of the financial aid.

In order to execute their plan, the hackers plan to capitalize on these announcements to lure vulnerable individuals and companies into falling for the phishing attacks.

Below is a screenshot of what the email could look like:

However, the govt does mention a disclaimer that the information provided on the website is on an 'as is' basis and does not come with a warranty.

Further, India's biggest lender State Bank of India (SBI) had also tweeted and issued a public warning to its account holders to be cautious of a cyber attack that could hurt almost 2 million people if not more.

If you have any news that you believe needs to be fact-checked, please email us at factcheck@thelogicalindian.com or WhatsApp at 6364000343

Also Read: Fact Check: PIB 'Fact Check' Erroneously Debunks UP STF Advisory To Uninstall 52 Chinese Apps As Fake