The Maharashtra Cyber has issued an advisory alerting the citizens to follow cyber safety precautions and protect from being victim of phishing. According to Maharashtra Cyber, cybercriminals and hackers are using sophisticated phishing techniques to steal the confidential data of netizens.
The Maharashtra Cyber is a nodal agency established by the Government of Maharashtra to tackle cybercrimes and other digital threats.
The agency has said that a phishing kit is a collection of software tools that makes it easier for people with little or no technical skills to launch a phishing exploit.
“The goal is to trick the person into performing a specific action that will benefit the attacker, typically, this involves getting the victims to click on malicious links, open an infected attachment or authorise a transfer of funds,’’ it added.
According to Maharashtra Cyber, online hacker forums have huge collections of more than 1,300 phishing kits on sale that cover top rated websites, banks, and financial organisations on the internet.
"The list covers high value services including PayPal,Dropbox, Amazon, OneDrive, Office 365, Outlook, Gmail, Spotify, Netflix, Bank of America, Chase, Wells Fargo, First Bank, Apple, Facebook and Linkedin. Low average price of phishing kits is to attract more cyber criminals into buying them to commit different sorts of phishing scam,’’ it said.
The agency said, since the kits target frequently used web applications such as Office 365, Amazon, Facebook, the cyber criminals can use them to launch phishing attacks on Indian individuals and organisations alike.
The Maharashtra Cyber has urged the netizens not to reveal personal or financial information in an email and never respond to email solicitations for this information.
The agency said the malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain. Therefore, it has asked people to always check if the website URL starts with http which is a secure way to send data between a web and a web browser.
If unsure whether an email request is legitimate, the agency has asked to verify it with information outside the content of the email. "Never open any attachment or links shared by strangers via email. Doing these actions can install malware on your machine,’’ it added.
In case you are a victim of cyber fraud:▪︎
Immediately alert the local police station or call the 24x7 Cyber Helpline-- 9820810007 set up to prevent and tackle Cyber Crime.
▪︎For bank frauds, immediately alert the concerned bank, block the card and fill a dispute form. If a fraud is reported within 24 hours of crime, it becomes the responsibility of the concerned stakeholder to recover the money.
▪︎Never share your bank details, debit/credit card number, and One Time Password (OTP).
While alerting bank, keep following documents handy --
•Bank statement of the last six months
•A copy of SMSs received related to the alleged transactions
•Identity and address proof as shown in the bank records