According to Computer Emergency Response Team of India (CERT-In), Aarogya Setu application focussed phishing attacks are increasing rapidly as malicious actors are taking advantage of the increased inquisitiveness of internet users during the COVID-19 pandemic.
As part of their attack strategy, these scammers are using fake domains to impersonate popular apps such as Zoom, Google Meet, Microsoft Teams and WHO to send phishing messages and then steal sensitive data.
To this end, CERT-In has recommended some counter-measures. The cyber agency has suggested that users should be aware about the domain, spelling errors in emails, websites and un-familiar email senders. Further, they should check the integrity of URLs before providing login credentials or clicking a link and should not submit personal information to unknown and unfamiliar websites.
In addition, CERT-In has also recommended that users should exercise caution and avoid clicking suspicious URLs providing special offers like winning prize, rewards, cashback offers and they practice safe browsing tools, filtering tools their anti-virus and use a proper firewall.