'Massive' phishing attack likely against Indian individuals, businesses: Government
As the world celebrates International Yoga Day and Father's Day, the cyber-security agency working for the Government of India is raising alarms over a "massive" phishing attack campaign. The organization has warned that certain "malicious actors" are looking to target Indian citizens and businesses through a series of hacks and they are likely to begin today. Here is more about it.
Phishing attacks related to COVID-19
According to an advisory issued by the Indian Computer Emergency Response Team (CERT-In), hackers are planning a large-scale COVID-19-related phishing attack against Indian individuals and businesses of all sizes. The campaign "is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded COVID-19 support initiatives" and trick unsuspecting individuals into giving away their personal or financial information.
Hackers likely to use spoofed email IDs
The CERT-In's warning emphasized that hackers are likely to target unsuspecting individuals using spoofed emails (like ncov2019@gov.in), which will look similar to those operated by government departments, agencies, and trade associations. Meanwhile, the message could revolve around financial aid, free testing, or other COVID-19-related relief initiatives by the Indian Government. It could be an actual initiative or a fake one, too.
Then, the messages will direct to deceptive websites
Using the messages, the hackers will try to trick you into clicking a link, which may open a deceptive site mimicking a government portal or download malware. The former could trick you into entering information willingly, while the latter could mine it covertly.
20 lakh email IDs with the hackers
The government agency says that the hackers are claiming to have 20 lakh email IDs, and the attack is going to be a large one. It is likely to begin on June 21, but there is no way to be sure when it might actually happen. It could start at a later stage, considering the warning, or may have already begun.
North Korean hacker group believed to be responsible
According to security research firm Cyfirma, the humongous phishing campaign has been plotted by Lazarus, a group of hackers sponsored by North Korea. They are also targeting individuals in other COVID-19-hit countries, including the US, the UK, Japan, Singapore, and South Korea.
How can you protect yourself?
The government also mentions some "best practices" to keep attackers at bay. This essentially includes basic email hygiene like checking every email carefully, including the name of its sender and their email-ID, not clicking on any link/attachment in suspicious emails, and verifying the authenticity of a website before submitting information. CERT-In also says instances of attacks, if any, should be immediately reported to incident@cert-in.org.in.
Here's the full CERT-In advisory
CERT-In issued advisory on COVID 19-related Phishing Attack Campaign by Malicious Actors. pic.twitter.com/x8WO3TseCM
— CERT-In (@IndianCERT) June 20, 2020
