What is CERT:
CERT is the acronym for Computer Emergency Response Team. This is owned by the government of India. They share advisory against Cyber attack. Most recently many cyber attacks are done on the pretext of Covid testing and vaccination
According to a recent advisory from CERT India, it has been reported that malicious actors are planning a large-scale phishing attack campaign against Indian individuals and businesses (small, medium, and large enterprises).
The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded Covid-19 support initiatives. The phishing campaign is expected to be designed to impersonate government agencies, departments, and trade associations who have been tasked to oversee the disbursement of the government fiscal aid.
The malicious actors are claiming to have 2 million individuals/citizens email IDs and are planning to send emails with the subject: free COVID-19 testing/vaccination for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, inciting them to provide personal information.
The email Id expected to be used for the phishing campaign towards Indian individuals and businesses is expected to be from email such as “ncov201S@gov.in” and the attack campaign is expected to start on 10th January 2021.
Below are Phishing Best Practices to ensure that we do not fall prey to such scams and lose valuable data or money:
- Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in unsolicited e-mail, even if the link seems benign. In cases of genuine URLs, close out the e-mail and go to the organization’s website directly through browser.
- Leverage Pretty Good Privacy in mail communications. Additionally, advise the users to encrypt/protect the sensitive documents stored in the internet facing machines to avoid potential leakage.
- Exercise caution when opening e-mail attachments even if the attachment is expected and the sender appears to be known.
- Scan for and remove suspicious e-mail attachments; ensure the scanned attachment is its “true file type” (i.e. the extension matches the file header).
- Beware about phishing domain, spelling errors in emails, websites and unfamiliar email senders.
- Check the integrity of URLs before providing login credentials or clicking a link.
- Do not submit personal information to unknown and unfamiliar websites.
- Beware of clicking form phishing URLs providing special offers like winning prize, rewards, cashback offers.
- Consider using Safe Browsing tools, filtering tools (antivirus and content-based filtering) in your antivirus, firewall and filtering services.
- Update spam filters with latest spam mail contents.
Stay Safe in the Cyberworld and the real world!