New Delhi, June 26: With more people turning online for undertaking financial transactions in the Covid era, you cannot be immuned to the threat of cyber attacks. However, the Indian Computer Emergency Response Team (Cert-In), part of the ministry of electronics & information technology, had warned millions of Indians could face cyber threats posed by fake emails, social media posts, or text messages, asking for free Covid-19 testing across India. In fact, the country's largest lender State Bank of India has also issued a warning for its account holders to remain careful of any cyber attack.


A Singapore-based cybersecurity company CYFIRMA has reported that a hacker group backed by North Korea is planning a large-scale phishing campaign in six countries, including India, as per the business daily Mint. Following this report, the Cert-In has warned Indians against the attack. The Reserve Bank of India, too, issued an advisory on June 22 informing about precautions to carry safe digital transactions.


Also Read: Indians' Money In Swiss Banks Fell 6% In 2019 To Rs 6,625 Crore

What does SBI warning say?

The lender has given a warning to its existing customers about the potential attack, India's largest lender tweeted, "Attention! It has come to our notice that a cyber attack is going to take place in major cities of India. Kindly refrain yourself from clicking on emails coming from ncov2019@gov.in with a subject line Free COVID-19 Testing."



"We have received a worrying report from CERT-In that the phishing attack is expected to be carried out by cybercriminals using the suspicious email - ncov2019@gov.in from 21st June."

"The cybercriminals are claiming to have a 2 million individual/citizen's email IDs and are planning to send email with subject "Free COVID-19 Testing" inciting personal details from the residents of the following cities: Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad," the advisory added.

Here is what you should do to prevent any cyber attack.

  • Make sure that you don’t open attachments in unsolicited emails even if it comes from people in your contact list and never click on a URL contained in an unsolicited email.

  • In case it seems to be a genuine URL, shut the email and prefer checking the organisation's website through the browser and check if such information is given there.

  • Always remain cautious while opening e-mail attachments even if the attachment is expected and the sender appears to be known.

  • Another most important thing is to scan for and remove suspicious e-mail attachments; ensure the scanned attachment is its "true file type" (i.e. the extension matches the file header).

  • Also take care of the phishing domain, spelling errors in emails, websites and unfamiliar email senders.

  • Always exercise caution when you see e-mails, links that mentions special offers like Covid-19 testing, aid, winning prize, rewards, cashback offers."

  • Check the integrity of URLs before providing logging credentials or clicking a link.

  • Never submit any personal information to unknown and unfamiliar websites.

  • Make sure that you are using safe browsing tools, filtering tools in your anti-virus, firewall and filtering services.

  • It’s prudent to update spam filters with latest spam mail contents. Lastly any unusual activity or attack should be reported at @cert-in.org.in.