A Singapore-based cybersecurity company CYFIRMA has reported that a hacker group backed by North Korea is planning a large-scale phishing campaign in six countries, including India, as per the business daily Mint. Following this report, the Cert-In has warned Indians against the attack. The Reserve Bank of India, too, issued an advisory on June 22 informing about precautions to carry safe digital transactions.
Also Read: Indians' Money In Swiss Banks Fell 6% In 2019 To Rs 6,625 Crore
What does SBI warning say?
The lender has given a warning to its existing customers about the potential attack, India's largest lender tweeted, "Attention! It has come to our notice that a cyber attack is going to take place in major cities of India. Kindly refrain yourself from clicking on emails coming from ncov2019@gov.in with a subject line Free COVID-19 Testing."
"We have received a worrying report from CERT-In that the phishing attack is expected to be carried out by cybercriminals using the suspicious email - ncov2019@gov.in from 21st June."
"The cybercriminals are claiming to have a 2 million individual/citizen's email IDs and are planning to send email with subject "Free COVID-19 Testing" inciting personal details from the residents of the following cities: Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad," the advisory added.
Here is what you should do to prevent any cyber attack.
- Make sure that you don’t open attachments in unsolicited emails even if it comes from people in your contact list and never click on a URL contained in an unsolicited email.
- In case it seems to be a genuine URL, shut the email and prefer checking the organisation's website through the browser and check if such information is given there.
- Always remain cautious while opening e-mail attachments even if the attachment is expected and the sender appears to be known.
- Another most important thing is to scan for and remove suspicious e-mail attachments; ensure the scanned attachment is its "true file type" (i.e. the extension matches the file header).
- Also take care of the phishing domain, spelling errors in emails, websites and unfamiliar email senders.
- Always exercise caution when you see e-mails, links that mentions special offers like Covid-19 testing, aid, winning prize, rewards, cashback offers."
- Check the integrity of URLs before providing logging credentials or clicking a link.
- Never submit any personal information to unknown and unfamiliar websites.
- Make sure that you are using safe browsing tools, filtering tools in your anti-virus, firewall and filtering services.
- It’s prudent to update spam filters with latest spam mail contents. Lastly any unusual activity or attack should be reported at @cert-in.org.in.