Phishing attacks using Covid-19 as bait
Where people all over the world on one hand are trying to fight against the global pandemic of Covid-19 on the other hand there are some people who find such pandemic as an opportunity to accomplish their goals through venomous activities over cyberspace. The hackers have got an excellent chance to utilise the situation to launch cyberattacks. Recently, a warning was issued by the Government dealing with the phishing attacks by the ‘Malicious actors’. People are required to be vigilant in this scenario as the attacks will most probably commence from 21 June 2020.
Phishing refers to the act of gaining confidential information by deception through the means of electronic media.
The term phishing is said to be coined by one of the major spammers and technology developer, Khan C Smith in the mid 90’s. The attackers use the e-mails as the weapon to target the prey. They try to create such mails which seem extremely trustworthy and could attract the reader easily. Further, the information is collected by the fraudulent agencies which causes huge financial loss and also leads to identity theft of the victim. There are various types of phishing other than the phishing through mails. Other types of phishing include, vishing which refers to voice phishing, smishing which is the sms phishing, whaling wherein the attackers have a big target like a CEO, pharming wherein the phishing is carried out by the visit on a particular website, deceptive phishing is the most common type of phishing and spear phishing wherein the target is a huge group instead of an individual. This cybercrime is now a threat to the people of India as observed by the Indian Computer Emergency Response Team (CERT-In).
The Government asked the people to act carefully while dealing with the mails as they could possess a phishing threat. It was suggested that the people should be alert in response to the massive phishing attack by the ‘Malicious Actors’ who could steal the sensitive information under the name of Covid-19. The Indian ComputerEmergency Response Team (CERT-In) tweeted that the massive phishing campaign by the ‘Malicious Actors’ is set to begin from today, i.e 21 June 2020. Further, Cert-In also mentioned that mails would be under the name of email@example.com. Cert-In stated that, “The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded COVID-19 support initiatives. Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information.” The Indian Computer Emergency Response Team (CERT-In) is the office working in the Ministry of Electronics and Information and Technology founded on 19 January 2004 with its headquarters in Delhi. The team took this matter seriously and informed the citizens that, “The malicious actors are claiming to have two million individual/citizen email IDs and are planning to send emails with the subject free COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, inciting them to provide personal information.” Further, CERT-In also notified the people with some important steps to fight against this attack. The steps included resistance from opening the unsolicited emails or attachments, forbid clicking on the unknown URLs in an unsolicited mails even if it seems known. CERT-In also provided the internet users with firstname.lastname@example.org, a platform to report any such incident so that appropriate action could be taken.
A similar incident was also addressed by the Microsoft team wherein the same way phishing was carried out.“For several months now, we’ve been seeing a steady increase in the use of malicious Excel 4.0 macros in malware campaigns.
In April, these Excel 4.0 campaigns jumped on the bandwagon and started using COVID-19 themed lures,” the team tweeted. The incident talks about the campaign in which the attackers install NetSupport Manager Access tool to gain remorse access. The Microsoft Security Intelligence on May 12 Team stated that the attackers are sending some malicious Excel attachments via emails through which the malware payload enters the systems. The Microsoft team found that the attacks took place via e-mails that pretend to come from John Hopkins Center and reflect details about the Covid-19 active cases in the United States. But in reality the e-mail consisted of Excel files that show graphical representation of pandemic data which also carried Excel 4.0 macros that prompt the users to ‘Enable Content’ and this led to the installation of NetSuporter Manager Client from a remote site. This way the attacker gains remote access to the system after the installation of the remote system.
Solutions to the problem of phishing
It is a well established fact that the incidents of phishing are increasing day by day. It has created havoc all over the world and on top of it the attackers are using the pandemic as a means to carry on with phishing. In order to deal with the problem there are some solutions provided by the Indian Computer Emergency Response Team (CERT-In) that are as follows:
● Detecting phishing
It is the foremost step wherein the person has to be alert and should act carefully regarding the issue. Many of the hackers use false trademarks which could be identified as the original owners provide a great help in this process by letting the victim know about the fraud planned under their name.
● Mail server Authentication
It plays an important role to safeguard ourselves from fraud as the mail server authentication enables the mail server to allow only the legitimate users to send mails.
● Web server Authentication
While carrying out online transactions we are prone to a number of risks which also includes the phishing attacks. Web server authentication protects us from such attacks by building strong authentication methods between the user, intermediaries and financial institutions.
● Gateway filtering of the mail
The malicious mails could be ceased at the gateway itself by deployment of the gateway scanners.
● Desktop filtering
The desktop should be equipped with anti-virus scanner, anti-spam filters, anti-spyware, trojan remover and desktop privacy software as most of the transactions are carried through desktops. Further, personal firewalls should also be installed for the detection of malicious activities. The desktop privacy software plays an important role as it notifies whenever any sensitive information is being transmitted through the system.
● Amendments in the policy of Financial Institutions.
The financial institutions have the most sensitive information about the customers which are prone to phishing attacks. Thus, the Financial Institutions should keep on amending their policies according to the changing situation to carry out online transactions safely.
● Awareness among users.
Most of the attacks are successful due to the carelessness of the user. The user should act wisely while dealing with such a situation. Moreover, the user should take all the essential steps to safeguard the system from any such attack. Further, the user should be aware about the existing cybercrimes and should be updated with the latest amendments regarding it. The user should also be well versed with the procedure of filing a complaint against such a cyber crime and should be alert regarding any suspicious activity.
● Anti-phishing tools
Sometimes the problems in the designing of the web browser provides an opportunity to the attackers to steal the information but the anti-phishing tools enable the user to detect the genuine users and the fraud web link could be easily caught.
Phishing is like a barrier for e-commerce which could be removed by our wisdom. The increase in the number of the incidents of phishing is a warning for us to become responsible and keep our sensitive information safely. Moreover the users should be cautious regarding such cyber crime. They should act like a prudent person instead of panicking and report any such incident pertaining in India to CERT-In and the victim could also approach the Cyber Crime Portal to file a complaint. Our carelessness paves the path for the criminals to commit cyber crimes, so, be alert and be safe.