Phishing attacks in name of Aarogya Setu app increasing: Cyber agency
PTI, May 16, 2020, 6:48 PM IST
New Delhi: Phishing attacks in the name of Aarogya Setu mobile application are witnessing a “high rise” as online scamsters are taking advantage of the increased inquisitiveness of internet users during the COVID-19 pandemic, India’s cyber security agency said on Saturday.
It said attackers are also impersonating tools linked to the World Health Organisation and popular video-conferencing platforms like Zoom to steal sensitive data.
“Aarogya Setu app-focused phishing have seen high rise. Scammers impersonate as HR department, CEO, or any other known person and target users by spreading messages like ‘your neighbour is affected’, ‘see who all are affected’, ‘someone who came in contact with you tested positive’, ‘recommendations to self-isolate’, ‘guidelines to use Aarogya Setu’ among others,” the CERT-In said in a latest advisory accessed by PTI.
The Aarogya Setu application uses bluetooth and GPS to alert users who may have encountered people who later tested positive for the coronavirus.
Phishing denotes to the cyber term of luring and cheating an internet user through a fake SMS or email and thereby breaching their privacy to steal sensitive information.
“In recent trends, threat actors are taking advantage of pandemic situation to trick the users to give up their sensitive information by taking advantage of the interest associated with recent novel coronavirus activities, news, and information,” the advisory said.
The Computer Emergency Response Team of India (CERT-In) is the national technology arm to combat cyber attacks and guarding of the Indian cyber space.
It said cyber attackers (threat actors) impersonate popular video platforms like Zoom, Google Meet, Microsoft Teams, Aarogya Setu app and WHO to send phishing messages through SMS (smishing), WhatsApp (whishing) or phishing emails to steal identities and engage in other nefarious activities during the COVID-19 pandemic.
The cyber attackers, it said, are using fake domains to impersonate popular apps to first lure the victims and then send them links such as “relief package”, “safety tips during corona”, “corona testing kit”, “corona vaccine”, “payment and donation during corona”.
It said the name of the WHO was also being impersonated.
“Cyber criminals are sending phishing emails impersonating WHO and e-mails appear to be originating from the domain of WHO. Such e-mails may contain malicious file and URLs (universal resource locators),” it said.
The cyber agency suggested come counter-measures to check this online menace:
Beware about the domain, spelling errors in emails, websites and un-familiar email senders; check the integrity of URLs before providing login credentials or clicking a link and do not submit personal information to unknown and unfamiliar websites.
It said users should exercise caution and avoid clicking dubious URLs providing special offers like winning prize, rewards, cashback offers and they practice safe browsing tools, filtering tools their anti-virus and use a proper firewall.
Udayavani is now on Telegram. Click here to join our channel and stay updated with the latest news.
Top News
Related Articles More
BTS2024: If India can make rocket sensors, it can also make car sensors, says ISRO chief Somanath
World COPD Day: Know your lung function
SpaceX successfully launches ISRO’s 4,700 kg communication satellite from US
As AI and megaplatforms take over, the hyperlinks that built the web may face extinction
Plastic waste could double by 2050, researchers find, suggest policies to address issue
MUST WATCH
Latest Additions
10 month baby gets new heart, new life
Saura Swasthya launched: Karnataka to power 5,000 health facilities with solar energy
India-US ties have strong foundation: White House confident in navigating crisis over Adani bribery charges
PM Modi leaves for home after concluding three-nation visit
Siddaramaiah says confident of winning all three bypolls in Karnataka
Thanks for visiting Udayavani
You seem to have an Ad Blocker on.
To continue reading, please turn it off or whitelist Udayavani.