By NN Dharmasena

Hyderabad: Twitter and Facebook users are forwarding an alleged office memo of Directorate General (DG) of Central Industrial Security Force (CISF) issued to the ISGs of all sectors and the Director of NISA Hyderabad on June 21, 2020.

Dg Cisf Tweet

Fact Check:

The viral posts about CERT-In advisory of possible phishing attacks are TRUE, but the claim that these are sponsored by the Chinese Army is FALSE.

The alleged memo is an alert to the CISF personnel about a phishing attack. The memo alerted the staff not to fall prey to emails from addresses like [email protected] and or with subject lines like Free Covid-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai, and Ahmedabad.

The DG CISF warned the staff to not open links or attachments on unsolicited SMS’s, emails, or messages on social media and observe spelling errors in email addresses and websites. The memo advised the staff not to provide login or personal and financial details to unknown and unfamiliar websites or links.

As per the memo, the DG CISF office issued the alert based ‘on the advisory submitted by the Computer Emergency Response Team- India (CERT-In) regarding a potential cyber offensive attack from the Chinese army.’

It said that the CERT-In informed that “in the guise of a free Covid-19 test, Chinese cyber warriors could be carrying out a massive phishing attack.”

The CERT-In said: “The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded Covid-19 support initiatives. Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information.”

As a reference to the advisory, the CERT-In gave the reference to stories published on Zeenews.India.com and Cyfirma.com, with a disclaimer that the information provided is on “as is” basis, without warranty of any kind.

The Cyfirma, which Zeenews is also quoted as the source, is a cybersecurity company that has a vision of unraveling cyber risks and threats for a safer society. In its early-warning post on the website, global COVID 19-related phishing campaign by North Korean operatives Lazarus group exposed by cyfirma researchers.

It informed that hacker groups are planning a large-scale phishing campaign targeted at more than 5M individuals and businesses (small, medium, and large enterprises) across six countries and multiple continents.

It also revealed a schedule to launch the phishing attack by Lazarus group, funded by North Korea. The schedule is as follows:

Country Name                      Campaign Launch                      Date Target

USA                                        20 June 2020                              Individuals

UK                                          20 June 2020                              Businesses

Japan                                     20 June 2020                              Individuals

India                                      21 June 2020                               Individuals

Singapore                             21 June 2020                               Businesses

South Korea                         21 June 2020                               Individuals

The template of the phishing email, shared by Cyfirma is

Phishing Email

Alerted by the CERT-In, SBI and Kotak also issued advisories to the customers.

Banks

Sbi Card

A Facebook user shared an image on his wall, which shows an alleged screenshot of a mail from [email protected] with the subject ‘free distribution of Covid-19 protective equipment (Ministry of health India) and attachments of .pps and .ppt’.

Email

Social media users liked and started spreading information. The email ID was changed into a website and there are no precautions about opening a phishing link. [email protected], [email protected], emails are the helpline email IDs operated by the Ministry of Health and Family Welfare, Government of India.

Hence, the viral posts about CERT-In advisory of possible phishing attacks are TRUE, but the claim that these are sponsored by the Chinese Army is FALSE.

Newsmeter Network

An independent digital media platform that brings you credible news stories and Analysis of current affairs as they unfold.

Leave a Reply

Your email address will not be published. Required fields are marked *