The State Bank of India (SBI) has warned its customers of a suspected cyber attack through emails. The largest bank of the country has urged its customers on social media to remain cautious of the malicious emails, links and attachments.
In a tweet, SBI said: “Attention! It has come to our notice that a cyber attack is going to take place in major cities of India. Kindly refrain yourself from clicking on emails coming from ncov2019@gov.in with a subject line Free COVID-19 Testing.
Attention! It has come to our notice that a cyber attack is going to take place in major cities of India. Kindly refrain yourself from clicking on emails coming from ncov2019@gov.in with a subject line Free COVID-19 Testing. pic.twitter.com/RbZolCjLMW
— State Bank of India (@TheOfficialSBI) June 21, 2020
According to the lender, the cybercriminals may send malicious emails titled ‘Free COVID-19 Testing’ and prompt customers to share their personal details. The attack is said to be planted for 2 million individual/citizen’s email IDs from top Indian cities including Delhi, Mumbai, Hyderabad, Chennai and Ahmadabad. Clicking links in these spam emails can pose risk of downloading malicious files, stealing personal or financial information.
It should be noted here that, the Centre’s Computer Emergency Response Team (CERT-In) has also issued an advisory regarding “COVID 19-related” phishing attack. The notification said that the malicious imposters will act as government agencies, departments, and trade associations servicing COVID-19 related financial aid to citizens.
The statement further said the spam mail ID may appear as: ncov2019[@]gov.in.
Ever since January, COVID-19 related searches have been on a spike and online impostors are using the same to attack people online. There has been a constant increase in COVID linked high risk domains, scams, and phishing lures. The notification says, that COVID-related high risk domains have spiked to more than 1.2 million within four months, ranging from January to April 2020, and the scams are whopping 1.6 million in the same period.
A lot of times these emails may look genuine as they may steal name of your contact and may appear much similar to your known contacts. So beware of opening any attachments in any of the unidentified emails. Never click on links shared in these unsolicited emails.
If any unsolicited email is citing government related URL or information for your pursual, you must never click directly on the link. Close the email and visit the organisation’s website directly. If it is a genuine information, there will be information on the official website.
Likewise, never open an e-mail attachment if the sender is unknown.
Always scan attachments before you open. Remove suspicious e-mail attachments. You must be sure that the attachment is the “true file type” (i.e. the extension should match file header).
Carefully verify domain names, spellings, and sender ids for spelling errors.
It is particularly COVID related cyber attack and thus customers should be vary of opening e-mails, links providing special offers & schemes for Covid-19 related testing. Don’t fall for free gifts, prizes, rewards, or cashback offers.
Before clicking any link or sharing your personal details check the authenticity of the URLs. You must never share information with unknown or unfamiliar websites.
Always make use of safe browsing practices and tools. Do use filter tools in your anti-virus and firewall.
Do not miss updating your spam filters. Any unusual activity or cyber attack attempt should be reported at @cert-in.org.in.