In an advisory issued Friday, CERT-In said that the “phishing campaign is expected to impersonate government agencies, departments and trade associations who have been tasked to oversee the disbursement of the government fiscal aid”.
It warned people to be aware of “malicious phishing” emails, text messages, and messages on social media “to provide personal and financial information”. It said there may be several emails, including email@example.com, that spoof—or create fake email addresses that impersonate various authorities —which could be used in phishing.
“The malicious group claims to have 2 million individual email addresses and the attack campaign is expected to start on June 21,” the advisory stated. The “malicious actors”, it warned, are planning to send emails with the subject “free COVID-19 testing” for residents of Delhi, Mumbai, Chennai, Hyderabad and Ahmedabad.
CERT-In stated: “The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded Covid-19 support initiatives. Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information.”
The agency has advised people to not open attachments from unsolicited emails and be cautious about phishing domains and spelling errors in emails as some of the methods of protection.
📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines