SBI warning: The State Bank of India (SBI), India’s largest lender, has issued a warning for its users to beware of an imminent phishing attack (cyber attack). The Indian Computer Emergency Response Team (CERT-In) on Sunday had warned that in a major phishing attack, millions of Indians could be targeted by fake emails, social media posts, or text messages, which promises free Covid-19 testing across India.
A large-scale cyberattack has been planned by cyber crooks where they may use Covid-19 as bait to steal personal and financial information. The cyberattack conducted by “malicious actors”, will be done in the guise of a Covid-19 related with the subject like ‘Free COVID-19 Testing’ via emails from ‘email@example.com’.
“The cybercriminals are claiming to have a 2 million individual/citizen’s email IDs and are planning to send email with subject “Free COVID-19 Testing” inciting personal details from the residents of following cities: Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad,” the advisory added.
Attention! It has come to our notice that a cyber attack is going to take place in major cities of India. Kindly refrain yourself from clicking on emails coming from firstname.lastname@example.org with a subject line Free COVID-19 Testing,” SBI twteeted on Sunday.
The Indian Computer Emergency Response Team (CERT-In) has issued an advisory warning that the potential phishing attacks could impersonate government agencies, departments and trade bodies. It stated, “Phishing campaign is expected to impersonate government agencies, departments and trade associations who have been tasked to oversee the disbursement of the government financial aid.”
What to do if you receive such malicious email
- Don’t open attachments in unsolicited emails, even if they come from people in your contact list and never click on a URL contained in an unsolicited email.
- If it seems a genuine URL, close the email and go to the organisation’s website directly through the browser and check if such information is given there.
- Exercise caution when opening e-mail attachments even if the attachment is expected and the sender appears to be known.
- Scan for and remove suspicious e-mail attachments; ensure the scanned attachment is its “true file type” (i.e. the extension matches the file header).
- Beware about phishing domain, spelling errors in emails, websites and unfamiliar email senders.
- Beware of e-mails, links providing special offers like Covid-19 testing, aid, winning prize, rewards, cashback offers.”
- Check the integrity of URLs before providing logging credentials or clicking a link.
- Don’t submit personal information to unknown and unfamiliar websites.
- Consider using safe browsing tools, filtering tools in your anti-virus, firewall and filtering services.
- Update spam filters with latest spam mail contents.Any unusual activity or attack should be reported immediately at @cert-in.org.in.