Daily News
Indian users targeted by govt-backed phishing attacks: Google
The year 2020 has been dominated by COVID-19 and many hackers have used the pandemic to their advantage, by carrying out phishing attacks against users, duping them with emails and attachments that carry malware disguised as COVID-19 information.
A recent Google blog post claimed that users in India were being targeted by “government-backed” attackers.
However, the report does not mention whether the users were being targeted by their own government or others.
It also said that several India-based firms are spoofing the World Health Organisation (WHO) by creating fake Gmail accounts and luring business leaders in the disguise of informing them of the latest COVID-19 announcements, with the intention of hacking their personal and financial information.
We’ve seen new activity from “hack-for-hire” firms, many based in India, that have been creating Gmail accounts spoofing the WHO. The accounts have largely targeted business leaders in financial services, consulting, and healthcare corporations within numerous countries including, the U.S., Slovenia, Canada, India, Bahrain, Cyprus, and the UK. –Google blog post
These government-backed or state-sponsored hackers are mostly looking to collect intelligence or steal intellectual property. Some also target activists and people attempting to indulge in coordinated influence operations and disinformation campaigns.
Researchers at Check Point Software Technologies revealed in mid-May that they have seen 192,000 coronavirus-related cyber-attacks per week over the past three weeks, a 30 percent increase compared to previous weeks.
Just last month, Google has sent 1,755 warnings to users whose accounts were targets of government-backed attackers.
Google said that since March, it has removed more than 1,000 YouTube channels that were part of a large campaign and behaving in a coordinated manner.
The scams and emails usually have links to websites that feature fake login pages, which, in turn, are used to dupe people to give up their Google account credentials. At times, the log-in pages also ask users for personal information, such as their phone numbers.
In order to protect the users from such scams, Google has introduced its Advanced Protection Program which makes use of hardware security keys against phishing and account hacking.
—The Quint
You must be logged in to post a comment Login