SBI warns 2 million users may be at risk of phishing attacks in Delhi, Mumbai and other major cities
- SBI has issued a warning to its customers to beware of an impending phishing attack.
- CERT-In, India’s nodal cybersecurity agency, issued an advisory after cybercriminals threatened to unleash an attack on major cities like Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad.
- The hackers claim to have over 2 million email IDs in their possession.
Attention! It has come to our notice that a cyber attack is going to take place in major cities of India. Kindly re… https://t.co/0AlzEw8QwF— State Bank of India (@TheOfficialSBI) 1592745315000
According to the warning issued by the Computer Emergency Response Team - India (CERT-In) — India’s nodal cybersecurity agency — the attack will target users in major cities across the country primarily in Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad. The attackers reportedly have over 2 million email IDs in their kitty.
CERT-In issued advisory on COVID 19-related Phishing Attack Campaign by Malicious Actors. https://t.co/x8WO3TseCM— CERT-In (@IndianCERT) 1592674717000
This could be anything from donations to the PM-CARES Fund to EPF contributions.
“Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information,” said CERT-In in its notice.
Last month, Microsoft also warned its users to beware of another coronavirus themed malware distribution campaign claiming to be from Johns Hopkins University. Emails were being sent out with booby-trapped spreadsheets with headlines like ‘horrible charts’. Opening the file will show you a legitimate chart, but it also installs a Remote Access Trojan (RAT) that allows hackers to control your computer remotely.
In May, Seqrite — a cybersecurity company — discovered another RAT attacking cooperative banks in India. Under the guise of being from the Reserve Bank of India or a nationalised bank, attackers were sending out emails that looked innocent enough, referring to COVID-19 guidelines or a financial transaction with a .zip attachment. The attachment included a JAR-based malware that would allow bad actors to take your device from a remote location.
How to protect yourself from phishing scams
In the wake of the coronavirus pandemic, more people working from home — and hackers are more active than ever preying on unsecured networks. “Cybercriminals are exploiting the coronavirus outbreak to send fake emails with dangerous links to employees,” said Norton, a cybersecurity company.
As risk escalates, it’s important to maintain a healthy suspicion for emails from email IDs you haven’t seen before, especially if its with respect to any coronavirus news. “Even if they promise news you are interested in, any information in the attachment will almost certainly be available from a more direct source, via a link of your own choosing,” said Paul Ducklin the principal research scientist at Sophos.
As a precautionary measure, one should have a malware detection tool or anti-virus installed to alert them in case something slips through the crack. At the minimum, all devices should be fully updated with the latest security patches.
Cognizant's ransomware attack is making peers like TCS and Infosys nervous — and they are beefing up security
Top cryptocurrency scams of 2019 — and how most hackers got away with it
Don’t buy new laptops, invest in virtual machines to protect against cyberattacks — suggests cybersecurity expert
- India’s techies are leaving IT firms in hordes — Here’s why
- After a near-record run at the top of Netflix's US Top 10 list, pop culture smash 'Squid Game' has been bumped by another show
- Elon Musk’s puppy, a new strategy to burn tokens, and altcoins playing catch up — the perfect storm for cryptocurrency Shiba Inu to skyrocket
- Best high speed monochrome printers in India
- Best portable room heaters in India
- Best nose pins for those without piercing in India
- Best high speed blenders in India
- G7 leaders favour CBDCs provided they ‘support and do no harm’ to central banks