Phishing attack to steal personal, financial data by 'malicious actors' expected on June 21: Centre

The government has asked people to remain in alert against a phishing attack that could be used to steal personal and financial information in the garb of official communication on coronavirus COVID-19 pandemic.

According to Indian Computer Emergency Response Team (CERT), the phishing attack campaign by "malicious actors" is expected to start from June 21 (Sunday). Notably, the CERT-In falls under the Information Technology Ministry and it works to protect Indians from cyber threats.

"The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded COVID-19 support initiatives. Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information," CERT-In said in a statement.

CERT-In issued advisory on COVID 19-related Phishing Attack Campaign by Malicious Actors. pic.twitter.com/x8WO3TseCM — CERT-In (@IndianCERT) June 20, 2020

"...The malicious actors are claiming to have two million individual/citizen email IDs and are planning to send emails with the subject free COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, inciting them to provide personal information. These malicious actors are planning to spoof or create fake email IDs impersonating various authorities. The email ID expected to be used for the phishing campaign towards Indian individuals and businesses is expected to be from email such as 'ncov2019@gov.in' and the attack campaign is expected to start on June 21, 2020," added the statement.

The cyber security agency has warned people against opening attachments in unsolicited emails, even if they come from people in their contacts list.