Forbes India|June 19, 2020
An employee working from home receives an email from his human resources (HR) department with the subject line ‘HR release on Aarogya Setu’. In early May, the government said the use of the contact tracing app was mandatory for all public and private sector employees. With this in mind, he unassumingly opens the email and clicks the download tab. But instead of being taken to the Aarogya Setu app, he is led to a malicious URL. His laptop is irreversibly locked.
Ransomware, a type of malware that encrypts computer files, is often deployed through links in emails—called phishing attempts. Once it enters a computer network, as in the case of the unsuspecting employee, it starts stealing data. In exchange for a decryption key, the hackers demand a ransom.
The coronavirus pandemic and the sudden shift to remote working for millions of employees have presented cybercrooks with a one-of-a-kind opportunity. So much so that in mid-April, Google reported that in just one week, it saw a whopping 18 million daily malware and phishing emails related to Covid-19, sent via Gmail alone. This is in addition to the 240 million daily Covid-19 related spam messages Google saw.
Closer home, the Indian Computer Emergency Response Team (CERTIn), an agency within the ministry of electronics and information technology that deals with cyber security issues, noted that hackers were exploiting people’s fears around the virus. It warned that precautionary emails appearing to originate from the domain of the World Health Organization (WHO) were actually phishing attempts, as were other emails, SMSes (smishing) or WhatsApp messages (whishing) on topics like ‘relief package’, ‘safety tips during corona’, ‘corona testing kit’, ‘corona vaccine’ and ‘payment and donation during corona’.
You can read up to 3 premium stories before you subscribe to Magzter GOLD
Log in, if you are already a subscriber
Get unlimited access to thousands of curated premium stories and 5,000+ magazines
READ THE ENTIRE ISSUE
June 19, 2020