One day after the Indian agency Cert-In, tasked with cybersecurity, issued an advisory regarding a possible cyber attack in the country, the Indian security agencies have also issued an alert on a possible cyberattack from the Chinese Army. The alert claims that the Chinese cyber warriors are expected to carry out a massive phishing attack. It is possible that this attack will be disguised as an offer for a free Covid-19 test.
As reported earlier, this new cyber attack will be a phishing attack which can be carried out via emails, SMS, and messages on social media. The content of such messages and mails mostly try to push individuals into giving up their personal and financial information. The Cert-In advisory claims that the attack will be done using an ID that will mimic a government organisation. Citizens are warned against IDs like “firstname.lastname@example.org”.
The email or message used for the phishing attack may come with a subject line similar to: “free Covid-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad”. These messages will use the Indian government’s financial aid for Covid-19 as an excuse to extract critical personal information. The alert and advisory both claim that the attackers are in possession of around 2 million email-IDs which will be used to carry out the attack.
According to a report, Central security forces have been asked to direct their employees against opening or clicking on attachments in unsolicited e-mails, SMS or messages through social media. The alert states that employees employed with these forces should be extra cautious when it comes to opening attachments, even if the sender appears to be known. “Do not submit personal financial details on unfamiliar or unknown websites or links,” warns the alert. “It also asks to beware of e-mails, links providing special offers like Covid-19 testing, aid, winning prize, rewards, cashback offers.”