Page Loader
Home / News / Technology News / 'Massive' phishing attack likely against Indian individuals, businesses: Government
'Massive' phishing attack likely against Indian individuals, businesses: Government

'Massive' phishing attack likely against Indian individuals, businesses: Government

By Shubham Sharma
Jun 21, 2020
12:52 pm
What's the story

As the world celebrates International Yoga Day and Father's Day, the cyber-security agency working for the Government of India is raising alarms over a "massive" phishing attack campaign. The organization has warned that certain "malicious actors" are looking to target Indian citizens and businesses through a series of hacks and they are likely to begin today. Here is more about it.

Attacks

Phishing attacks related to COVID-19

According to an advisory issued by the Indian Computer Emergency Response Team (CERT-In), hackers are planning a large-scale COVID-19-related phishing attack against Indian individuals and businesses of all sizes. The campaign "is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded COVID-19 support initiatives" and trick unsuspecting individuals into giving away their personal or financial information.

Details

Hackers likely to use spoofed email IDs

The CERT-In's warning emphasized that hackers are likely to target unsuspecting individuals using spoofed emails (like ncov2019@gov.in), which will look similar to those operated by government departments, agencies, and trade associations. Meanwhile, the message could revolve around financial aid, free testing, or other COVID-19-related relief initiatives by the Indian Government. It could be an actual initiative or a fake one, too.

Information

Then, the messages will direct to deceptive websites

Using the messages, the hackers will try to trick you into clicking a link, which may open a deceptive site mimicking a government portal or download malware. The former could trick you into entering information willingly, while the latter could mine it covertly.

Emails

20 lakh email IDs with the hackers

The government agency says that the hackers are claiming to have 20 lakh email IDs, and the attack is going to be a large one. It is likely to begin on June 21, but there is no way to be sure when it might actually happen. It could start at a later stage, considering the warning, or may have already begun.

Information

North Korean hacker group believed to be responsible

According to security research firm Cyfirma, the humongous phishing campaign has been plotted by Lazarus, a group of hackers sponsored by North Korea. They are also targeting individuals in other COVID-19-hit countries, including the US, the UK, Japan, Singapore, and South Korea.

Protection

How can you protect yourself?

The government also mentions some "best practices" to keep attackers at bay. This essentially includes basic email hygiene like checking every email carefully, including the name of its sender and their email-ID, not clicking on any link/attachment in suspicious emails, and verifying the authenticity of a website before submitting information. CERT-In also says instances of attacks, if any, should be immediately reported to incident@cert-in.org.in.

Twitter Post

Here's the full CERT-In advisory