India-China standoff: ITBP internal memo warns personnel of Chinese phishing attack

The Indian Computer Emergency Response Team (CERT-ln) of the Ministry of Electronics and IT has issued an advisory regarding a potential cyber attack from Chinese 'cyber warriors' against the Indian Army, an ITBP internal memo suggests.

The development is significant since Indo-Tibetan Border Police is deployed at various sensitive locations along the Line of Actual Control of the Indo-China border. This phishing attack is expected to impersonate various government agencies and departments, including personnel from various Central Armed Police Forces.

The phishing attack is supposed to be in guise of general details like "free COVID-19 test", which could come from spoofed e-mail IDs like (ncov2019@gov.in). Cybercriminals could use possible phishing e-mail subject lines like 'Free Covid-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad', the department has said.

The government had also warned people that malicious actors were planning a large-scale phishing attack against Indian individuals and businesses, including small, medium and large enterprises. The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded COVID-19 support initiatives, it said.

Also read: Not the right time to disrupt global supply chain; can send wrong message to world: USISPF Prez Mukesh Aghi

What you can do if you receive malicious email

• Don't open attachments in unsolicited emails, even if they come from people in your contact list and never click on a URL contained in an unsolicited email, even if the link seems benign. If it seems like a genuine URL, close the email and go to the organisation's website directly through the browser and check if such information is given there.
• Leverage Pretty Good Privacy in mail communications. Additionally, advise the users to encrypt or protect the sensitive documents stored on the internet-facing mechanics to avoid potential leakage.
• Exercise caution when opening e-mail attachments even if the attachment is expected and the sender appears to be known.
• Scan for and remove suspicious e-mail attachments; ensure the scanned attachment is its "true file type" (i.e. the extension matches the file header).
• Beware about phishing domain, spelling errors in emails, websites and unfamiliar email senders.
• Check the integrity of URLs before providing logging credentials or clicking a link.
• Don't submit personal information to unknown and unfamiliar websites.
• Consider using safe browsing tools, filtering tools in your anti-virus, firewall and filtering services.
• Update spam filters with latest spam mail contents.
• Any unusual activity or attack should be reported immediately at @cert-in.org.in.

Also read: DHL stops shipments from China, Hong Kong, Macao; cites severe customs delays