CERT-In, Government of India Warns Citizens of Large Scale Phishing Campaign Using COVID-19 as Bait
On 19th June 2020, India’s Computer Emergency Response Team (CERT-In) issued an advisory on a large scale COVID 19-related Phishing attack campaign from malicious actors. It indeed alerted citizens the phishing emails/messages can come in the guise of local authorities in charge of dispensing government-funded COVID-19 support initiatives.
CERT-In Warns of Large Scale COVID-19 Phishing in India
CERT-In explained the emails are designed to drive recipients towards fake websites imitating government organizations and trade associations. The aim of the phishing attack is to target individuals and businesses, and deceive them into downloading malicious files or entering personal/financial information. CERT-In is in fact a team from Ministry of Electronics & Information Technology, Government of India.
Likewise, the advisory mentions malicious actors are claiming to have 2 million email IDs of citizens. They are planning to send emails with subjects like – free COVID-19 testing – for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad. Consequently, they incite the recipients to provide their personal information. Similarly, CERT-In mentioned malicious actors are planning a large-scale phishing attack campaign against Indian individuals and businesses. To clarify, it is expected to start from 21st June 2020. CERT-In also shared a sample of how the Phishing emails can look like; adding the messages can come from emails IDs such as firstname.lastname@example.org.
Sample Phishing Email
The ministry of health and family welfare, government of India has announced a mandatory COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad above age of 40 years.
Government of India has decided to reimburse testing cost incurred.
A medical staff will come to your residence to collect samples.
Please immediately register using link below for all free COVID-19 test. Do not forget to provide complete contact details with PAN etc.
Thank you for your support in keeping India’s fight against COVID-19
Ministry of Health and Family Welfare (MOHFW)
Nirman Bhavan, Maulana Azad Road
New Delhi 110011
Global Phishing Attack: CYFIRMA Research
According to CYFIRMA Research, a North Korea-sponsored hacking group, Lazarus hatched the plot to launch mass-scale ‘phishing’ attacks using COVID-19 global pandemic. They also plan to target countries like US, UK, Japan, Singapore and South Korea, where the respective governments extended stimulus payments to deal with the pandemic.
So, beware of clicking such Phishing links in the name of COVID-19/Coronavirus initiatives and do not open or download any email attachments. Particularly, do not share your personal or financial information. In case you come across any such unusual activity, you can report immediately at email@example.com.
On the other hand, at the end of the advisory, CERT-In mentions a disclaimer saying the information provided is on “as is” basis without any kind of warranty.
Update: 26th June 2020
On 21st June 2020, State Bank of India also alerted on Twitter about the notice of cyber attack in major cities of India. SBI asked people to refrain from clicking on emails coming from firstname.lastname@example.org with a subject line Free COVID-19 Testing.