Chinese threat actors popularly known as cyber-crime actors have made over 40,300 cyber-attacks targeting various Indian sectors, in just the last 5 days. This information is in accordance with the data shared by Maharashtra’s cybersecurity cell. This recent surge in cyber-attacks came right after the increased geopolitical tensions in the Galway Valley at the India-China border.
Since 2016, India has been the No.1 target of cyber-attacks from China, closely followed by the US, South Korea, Hong Kong, Germany, and Japan. The most frequent areas of target are the government websites, telecommunications, media, transportation, and high-tech.
There is more to these cyber-attacks than just warfare. The ultimate goal of the Communist Party of China is not cyber warfare but to undermine and influence the policies, security, and stability of other countries through benefits obtained from propaganda. An advisory has been issued by the Government of India on its online national cyber-crime portal. A probable large phishing attack planned by Chinese state-backed hackers has been warned by the Indian government. An email address firstname.lastname@example.org has been cited as the email that is being used for this phishing attack. According to the advisory, the Chinese hackers have gotten hold of over 2 million email addresses and are claiming to offer “free COVID-19 testing for the residents of Mumbai, Hyderabad, Chennai, Delhi, and Ahmedabad”. These emails have caused a growing threat among the population and people are eager to know about ways to stay protected from such hackers.
On this note, let us educate you about ways to protect yourself from getting your information leaked through such emails.
1. Verify the Email Address
Chinese hackers are using the email address with the suffix ‘gov.in’. This suffix is typically used by government organizations so it can be quite difficult to differentiate the real emails from the fake ones. The important point to take care of is to look out for words such as “Free”, “Discount”, “Offers” etc. Such words are not used by genuine government agencies. Such emails usually have something “off” about them and if you read the addresses correctly, you’ll be able to pinpoint whether it’s genuine or not.
2. Refrain from Opening the Attachments
Beware to not open any attachments from such emails as these contain executive malware which gets downloaded in your device and then steals important financial and personal information from your device. Do not open any mail with an attachment unless you know about the person or source it came from.
3. Don’t Disclose Any Financial or Personal Information
Many such phishing emails claim that user will get free benefits or lottery if they reply in a stipulated amount of time with their bank details, financial information, and personal information. DO NOT disclose your personal or financial information to these emails.
4. Verify the Links
Phishing attacks try to fabricate official website links which when clicked upon will direct you to a remote server that will try to steal your data. A simple Google search will help you get rid of any doubts that you have about government websites. Also try to look for ‘HTTP’ tag at the start of the link and see if the webpage you have been directed to, has a valid certificate.
5. Report Any Suspicious Activity
Indian government has an anti-phishing portal where such emails can be reported. The portal is called report phishing.in. Make sure to report such emails and do not ignore them. It is important for your safety as well as of those around you.
The Chinese hackers might try all they want to get information about us and our country but by following these simple measures we too can do out a bit in protecting our nation. It is important to adhere to the government guidelines and report such emails to the government portal so that our government can take necessary action against these hackers.