Fact Check: Govt Warning Of Massive Phishing Attack Is Real

Supported by

A graphic has been going around which claims that ‘cybercriminals’ are going to launch a ‘phishing attack’ from June 21 onwards.

The message goes onto say that the suspicious email could be ‘ncov2019@gov.in’

‘The cybercriminals are claiming to have 2 million individual/citizen’s email IDs and are planning to send emails with the subject ‘Free COVID-19 testing’ inciting personal details,’ reads the viral graphic.

According to the message, the following cities are at risk from this phishing campaign: Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad.

The Logical Indian received several requests to authenticate the claim.

Claim:

A phishing attack is expected to be launched from June 21 onwards in major metropolitan cities of the country.

Fact Check:

The claim is true.

According to an NDTV report, the government has cautioned people regarding a massive phishing attack that could seem like an official communique on the COVID-19 pandemic. The intention of the attack is to steal personal data and financial details.

The phishing attack campaign by ‘malicious actors’ was expected to start on June 21, and the suspicious email could be ncov2019@gov.in, the Indian Computer Emergency Response Team or CERT-In had tweeted on their official Twitter account.

CERT-In issued advisory on COVID 19-related Phishing Attack Campaign by Malicious Actors. pic.twitter.com/x8WO3TseCM

— CERT-In (@IndianCERT) June 20, 2020

The CERT-In under the Information Technology Ministry is tasked with protecting Indians from cyber threats.

‘The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded COVID-19 support initiatives. Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information,’ CERT-In said in a statement.

‘…The malicious actors are claiming to have two million individual/citizen email IDs and are planning to send emails with the subject free COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, inciting them to provide personal information,’ it added.

‘…These malicious actors are planning to spoof or create fake email IDs impersonating various authorities. The email ID expected to be used for the phishing campaign towards Indian individuals and businesses is expected to be from email such as ‘ncov2019@gov.in’ and the attack campaign is expected to start on June 21, 2020,’ it said.

Below is the entire statement:

What Is A Phishing Attack?

Phishing is one of the oldest forms of cyberattack that uses disguised email as a weapon. The goal is to hoodwink the email recipient into believing that the message is something they want or need. It could be a request from their bank or a note from someone in their company.

What Are The Steps You Can Take For Protection?

According to cybersecurity agency, people must not open attachments in unsolicited emails, even if they come from known contacts.

One must not click on URLs in an unsolicited email, even if the link seems benign.

Any unusual activity or attack should be reported immediately at incident@cert-in.org.in with logs and email headers for analysis of the attacks and for taking action.

Below is a screenshot of the full list of recommendation issued by the Government:

According to researchers at CYFIRMA, a cybersecurity firm that provides threat visibility and vulnerability assessment solutions for enterprises, an investigation into the Lazarus Group, a known hacker group sponsored by North Korea, for many years have revealed detailed plans indicating an upcoming global phishing campaign.

‘There is a common thread across six targeted nations in multiple continents – the governments of these countries have announced significant fiscal support to individuals and businesses in their effort to stabilize their pandemic-ravaged economies,’ reads the report.

The aim of the Lazarus Group’s upcoming phishing campaign is to impersonate government agencies, departments, and trade associations who are tasked to oversee the disbursement of the financial aid.

In order to execute their plan, the hackers plan to capitalize on these announcements to lure vulnerable individuals and companies into falling for the phishing attacks.

Below is a screenshot of what the email could look like:

However, the govt does mention a disclaimer that the information provided on the website is on an ‘as is’ basis and does not come with a warranty.

Further, India’s biggest lender State Bank of India (SBI) had also tweeted and issued a public warning to its account holders to be cautious of a cyber attack that could hurt almost 2 million people if not more.

Attention! It has come to our notice that a cyber attack is going to take place in major cities of India. Kindly refrain yourself from clicking on emails coming from ncov2019@gov.in with a subject line Free COVID-19 Testing. pic.twitter.com/RbZolCjLMW

— State Bank of India…

#PoweredByYou We bring you news and stories that are worth your attention! Stories that are relevant, reliable, contextual and unbiased. If you read us, watch us, and like what we do, then show us some love! Good journalism is expensive to produce and we have come this far only with your support. Keep encouraging independent media organisations and independent journalists. We always want to remain answerable to you and not to anyone else.

Leave a Reply

Your email address will not be published. Required fields are marked *

Featured

Amplified by

P&G Shiksha

P&G Shiksha Turns 20 And These Stories Say It All

Amplified by

Isha Foundation

Sadhguru’s Meditation App ‘Miracle of Mind’ Hits 1 Million Downloads in 15 Hours, Surpassing ChatGPT’s Early Growth

Recent Stories

38 Hours After Ahmedabad Crash, Air India Boeing 777 Drops 900 Ft Post-Takeoff; DGCA Grounds Pilots, Launches Probe

Delhi Court Closes CBI Probe in JNU Student Najeeb Ahmed’s 2016 Disappearance; Mother Vows to Keep Fighting

ajith kumar

Tamil Nadu: Five Policemen Arrested After Post-Mortem Confirms Injuries in Alleged Custodial Death of Temple Guard Ajith Kumar

Contributors

Writer : 
Editor : 
Creatives :