New Delhi | Jagran Technology Desk: Taking advantage of COVID-19 pandemic, and the curiosity among the masses related to the different aspects of it, the scammers are increasingly executing phishing attacks inspired by the Aarogya Setu app and various video calling apps.

The Indian Computer Emergency Response Team (CERT-IN) alarmed the reviewers in its latest alert that there has been a significant rise in phishing attacks in the name of the Aarogya Setu contact tracing app as well as video meeting apps such as Zoom, Microsoft Teams and Google Meet.

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information – name, age, address, bank details etc.

“Threat actors are taking the interest of users related to coronavirus and performing threats. New phishing domains are created which are centred around the subject such as "relief package", "safety tips during corona", "corona testing kit", "corona vaccine", "payment and donation during corona". Threat actors trick users through phishing e-mails and messages based on the above subjects,” CERT-IN stated in its advisory.

The CERT-IN revealed that scammers are impersonating the World Health Organisation (WHO), HR departments and top executives of companies or any other person whom a user may know to spread fake and disseminate the reference of above-mentioned apps, whose use has been necessitated due to widespread lockdowns that suggest “Your neighbour is infected”, “See who all are infected”, “Someone who came in contact with you tested positive”, “recommendations to self-isolate” and “Guidelines to use Aarogya Setu app”.

What precautions one is supposed to take?

- According to the CERT-IN advisory, one should watch out for phishing domains, spelling errors in emails, websites and unfamiliar email senders. 

- Users should not download or open any file received in an email or an SMS link, from unknown contact.

- Never submit your personal information on unfamiliar websites and beware of clicking on links that offer rewards etc. 

- Computing devices must have installed firewalls and antivirus solutions to warn you in case of attempted phishing attacks.

Posted By: Aalok Sensharma