Don’t select links telling you to check on if you’re COVID infected, it may be a trap

Phishing attacks in the name of Aarogya Setu mobile application are witnessing a “high rise” as online scamsters are taking good thing about the increased inquisitiveness of internet users through the COVID-19 pandemic, India’s cyber security agency said on Saturday. It said attackers are also impersonating tools from the World Health Organisation and popular video-conferencing platforms like Zoom to steal sensitive data.

“Aarogya Setu app-focused phishing have seen high rise. Scammers impersonate as HR department, CEO, or any other known person and target users by spreading messages like ‘your neighbour is affected’, ‘see who each is affected’, ‘someone who came in touch with you tested positive’, ‘recommendations to self-isolate’, ‘guidelines to use Aarogya Setu’ amongst others,” the CERT-In said in a latest advisory accessed by PTI.

The Aarogya Setu application uses bluetooth and GPS to alert users and also require encountered persons who later tested positive for the coronavirus.

Phishing denotes to the cyber term of luring and cheating an internet user through a fake SMS or email and thereby breaching their privacy to steal sensitive information.

“In recent trends, threat actors are taking benefit of pandemic situation to trick the users to stop their sensitive information by taking good thing about the interest connected with recent novel coronavirus activities, news, and information,” the advisory said.

The Computer Emergency Response Team of India (CERT-In) may be the national technology arm to combat cyber attacks and guarding of the Indian cyber space.

It said cyber attackers (threat actors) impersonate popular video platforms like Zoom, Google Meet, Microsoft Teams, Aarogya Setu app and WHO to send phishing messages through SMS (smishing), WhatsApp (whishing) or phishing emails to steal identities and take part in other nefarious activities through the COVID-19 pandemic.

The cyber attackers, it said, are employing fake domains to impersonate popular programs to first lure the victims and send them links such as for example “relief package”, “safety tips during corona”, “corona testing kit”, “corona vaccine”, “payment and donation during corona”.

It said the name of the WHO was also being impersonated.

“Cyber criminals are sending phishing emails impersonating WHO and e-mails look like from the domain of WHO. Such e-mails may contain malicious file and URLs (universal resource locators),” it said.

The cyber agency suggested come counter-measures to check on this online menace:

Beware about the domain, spelling errors in emails, websites and un-familiar email senders; check the integrity of URLs before providing login credentials or clicking a web link and do not submit private information to unknown and unfamiliar websites.

It said users should exercise caution and steer clear of clicking dubious URLs providing special deals like winning prize, rewards, cashback offers and they practice safe browsing tools, filtering tools their anti-virus and use an effective firewall.