A day after Indian security agencies and CERT-In issued an alert about a possible cyber attack by Chinese entities in the guise of free Covid-19 tests, the Maharashtra Cyber department has now issued a warning that Chinese Cyber attackers could be carrying out massive phishing attacks. The department issued an advisory on Tuesday in which it had reported that the Chinese cyber attackers are planning a massive phishing attack.
https://twitter.com/ANI/status/1275400412342833152?ref_src=twsrc%5EtfwThe cyber department asserted in its notice that the phishing attack is expected to impersonate government agencies, departments and trade associations who have been asked to oversee the disbursement of government fiscal aid.
State Cyber department special IG Y Yadav said, “In the last 4-5 days, resources on cyberspace of India especially related to information, infrastructure and banking have been under attack from China. At least 40,300 such cyber attacks were attempted, most of them can be traced to Chengdu area of China.”
The cyber department has pointed out some safety measures to avoid the aforementioned risks. It is mentioned to avoid opening or clicking on the attachment in an unsolicited e-mail, SMS, or messages through social media and exercise extra caution in opening attachments, even if the sender appears to be known.
The notice warns individuals to be cautious of e-mail addresses, spelling errors in the emails, websites, and unfamiliar e-mail senders and people have been advised to not submit personal financial details on unfamiliar or unknown websites/links. ‘Beware of e-mails, links providing special offers like Covid-19 testing. Aid, winning prize rewards, cashback offers’, the Maharashtra cyber department warned.
The cyber department suggested checking the integrity of URLs before providing login credentials or clicking a link. People were also urged to consider using safe browsing tools, filtering tools (anti-virus and content-based filtering) in their anti-virus, firewall, and filtering services.
Additionally, people were also requested to update spam filters with the latest spam mail contents and leverage good privacy in mail communications. Additionally, advise users have been advised to encrypt protect the sensitive documents stored in the internet-facing machines to avoid potential leakage.