The government on Saturday warned of a massive phishing attack that could steal personal and financial information in exchange for 'official' information on COVID-19 pandemic.
The Indian Computer Emergency Response Team (CERT), that works to protect us from cyber threats, took to Twitter to release a statement which read: "The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded COVID-19 support initiatives. Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information."
"The malicious actors are claiming to have two million individual/citizen email IDs and are planning to send emails with the subject free COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, inciting them to provide personal information.
"These malicious actors are planning to spoof or create fake email IDs impersonating various authorities. The email ID expected to be used for the phishing campaign towards Indian individuals and businesses is expected to be from email such as 'email@example.com' and the attack campaign is expected to start on June 21, 2020.
The cyber security team has advised not to open attachments in 'fishy' emails as there might be a potential security breach. Citizens should report any unusual activity to firstname.lastname@example.org with complete details for the authority to take action.