State Bank of India (SBI) customers need to be extra careful for the next few days. The government has warned of a major phishing attack in India in the name of free Covid-19 testing across the country. The warning states that a large-scale cyberattack has been planned by cyber crooks where they may use Covid-19 as bait to steal personal and financial information of millions of people.
The Indian Computer Emergency Response Team (CERT-In) has issued an advisory warning that the potential phishing attacks could impersonate government agencies, departments and trade bodies.
“Phishing campaign is expected to impersonate government agencies, departments and trade associations who have been tasked to oversee the disbursement of the government financial aid,” the warning said.
What is at risk?The warning adds that SBI customers will get a link from firstname.lastname@example.org with a subject line Free COVID-19 Testing which they should not click on at any cost.
“Attention! It has come to our notice that a cyber attack is going to take place in major cities of India. Kindly refrain yourself from clicking on emails coming from email@example.com with a subject line Free COVID-19 Testing,” the advisory said.
SBI too has acknowledged the threat and put out a tweet from its official handle, warning its customers.
“We have received a worrying report from CERT-In that the phishing attack is expected to be carried out by cybercriminals using the suspicious email – firstname.lastname@example.org from 21st June,” it tweeted.
The cybercriminals are claiming to have a 2 million individual/citizen’s email IDs and are planning to send email with subject “Free COVID-19 Testing” inciting personal details from the residents of following cities: Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, the advisory added.
How to stay safe?The advisory explains that customers need to check the complete mail ID of the sender and verify that the name of the email sender matches the one in the “from” field. They need to be cautious with emails and files received from unknown senders, especially if they are offering special deals or discounts, or offering any free service related to COVID-19.
The customers should refrain from clicking on any link, or scan the QR code in such mails or input any personal information, sensitive information, ID or passwords in the same (either official or personal). Do not open unknown attachments or click on links within the emails.
“Beware of email addresses, spelling errors in emails, websites and unfamiliar email senders,” stated the advisory, warning citizens to not submit personal financial details on unfamiliar or unknown websites or links. “Beware of emails, links providing special offers like Covid-19 testing, aid, winning prize, rewards, cashback offers,” the government advisory further added.