With tension between India and China at an all-time high, state-run Indian Computer Emergency Response Team (CERT-In), last week, warned citizens to be wary of COVID-19 related phishing scams in the coming days.
What exactly is online phishing?
Phishing is a criminal offence in which internet attackers convince users to disclose sensitive information ranging from bank statements to personal identification, using the names of accredited websites as a front. The practice includes sending of spam emails containing malicious links and attachments that steal user data, thus rendering the ploy illegal. Day by day, these scams grow in deceitfulness and innovation. Something that might seem like a neat offer to win tickets for a holiday cruise may actually be a veiled phishing attack aimed at extracting personal details.
CERT-in says the emails, at first glance, appear to be legitimate as they uncannily mimic a government standard-issue email. Under the pretense of conducting mandatory testing for the Coronavirus for residents over the age of 40 in Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, the sham emails collect personal information including contact information and PAN card details. The mails also contain links that divert recipients to fake websites, where they are misled to download malicious files or impart personal data.
As per the information provided on the CERT-In official website, the malicious actors claim to be in possession of at least 2 million citizen email IDs and plan to launch the online phishing campaign in June. CERT-In warns users to beware of fraudulent email ids, such as “ncov2019@gov.in”, which is expected to be used in the phishing campaign.
How can I protect myself from falling victim to such online scams?
Get the latest news on new launches, gadget reviews, apps, cyber security and more on personal technology only on DH Tech.