Moneycontrol PRO
Open App
you are here: HomeNewsTechnology

Coronavirus pandemic | Scam alert! Here’s how to protect yourself from phishing

A phishing attack comes in many forms-- a phone call, an email, a website or even a pop-up.

April 17, 2020 / 06:42 PM IST

More than half of the world’s population has been ordered to stay at home to stonewall the rampaging coronavirus. India’s 1.3 billion people have already spent at least 23 days in a lockdown and most will continue to do so till May 3.

The pandemic may have confined people to their homes but not cybercriminals, who are making the most of it, as more and more people take the technological leap for work, daily needs, staying in touch with family and friends and for entertainment.  

Tech giant Google said on April 17 it saw more than 18 million daily malware and phishing emails related to COVID-19 in the week gone by. COVID-19 is the respiratory disease caused by the coronavirus.

More than 240 million COVID-related spam messages came in every day, Google said.

The tech giant said it was able to detect and filter these threats out, blocking almost 99.9 percent of spam, phishing, and malware.

Close

COVID-19 Vaccine

Frequently Asked Questions

View more
How does a vaccine work?

A vaccine works by mimicking a natural infection. A vaccine not only induces immune response to protect people from any future COVID-19 infection, but also helps quickly build herd immunity to put an end to the pandemic. Herd immunity occurs when a sufficient percentage of a population becomes immune to a disease, making the spread of disease from person to person unlikely. The good news is that SARS-CoV-2 virus has been fairly stable, which increases the viability of a vaccine.

How many types of vaccines are there?

There are broadly four types of vaccine — one, a vaccine based on the whole virus (this could be either inactivated, or an attenuated [weakened] virus vaccine); two, a non-replicating viral vector vaccine that uses a benign virus as vector that carries the antigen of SARS-CoV; three, nucleic-acid vaccines that have genetic material like DNA and RNA of antigens like spike protein given to a person, helping human cells decode genetic material and produce the vaccine; and four, protein subunit vaccine wherein the recombinant proteins of SARS-COV-2 along with an adjuvant (booster) is given as a vaccine.

What does it take to develop a vaccine of this kind?

Vaccine development is a long, complex process. Unlike drugs that are given to people with a diseased, vaccines are given to healthy people and also vulnerable sections such as children, pregnant women and the elderly. So rigorous tests are compulsory. History says that the fastest time it took to develop a vaccine is five years, but it usually takes double or sometimes triple that time.

View more
Show

But only you can be your best guard.

A phishing attack comes in many forms-- a phone call, an email, a website or even a pop-up. It can get difficult to stay ahead of the scammers but paying attention to details is a good start. 

Follow LIVE updates on the COVID-19 pandemic here

Here is a quick guide to swatting such phishing expeditions: 

Phone calls or SMS safeguards

Phone calls are the most common route for scammers to fish for information. They could be after your personal details, your bank account, credit card information, ATM cards or PIN or all of the above.

1 Never share information like your personal identification number (PIN) or one-time password (OTP) over the phone.

2 No bank asks you to share PIN on the phone. They have other ways to verify your identity and process account details. The most they can ask is for you to key-in details via your phone’s keypad. Do not share this information with an unverified caller.

3 Always be careful when someone says they are calling from your bank. Usually, banks do not call customers to share information. Banks typically call to crosscheck a transaction done by a customer.

4 “We are calling from your bank.” This is the calling card of scammers, who shy away from naming the bank. Always, always insist on the name of the bank and to be doubly sure, ask for the branch as well.

5 When in doubt, cut it out. If you feel something is not right, disconnect the call immediately and then go to the customer support number to check with the bank if the call was legit.

6 Many smartphones and apps provide caller identification option, which alerts you if the call or the number is blacklisted for phishing or spam calls. But these apps have their privacy concerns, too, so be careful.

Also read: Coronavirus pandemic | No locking down cyber crime, Maharashtra sees a 25% spike in two weeks

Online safeguards

Oh, the promise of riches. Remember that email from a Nigerian prince or a British businessman promising to make you a millionaire in return for a few thousand rupees? That was an old trick. Scammers have since moved on.

1 Never click on links, download and open attachments or respond to emails that are not meant for you or you are not expecting, especially the ones asking for money or offering something for free via a clickable link.

2 Always open your internet browser and type in manually the website or URL to visit the website or service in question. Do not click on links in emails or messaging services—they could be masked or shortened URLs hiding a malicious link.

3 Scammers often use official company logos to make their emails, websites or messages look real. Always check other credentials on the website or message.

4 Cybercriminals often use email addresses and website URLs that resemble those of the real company by misspelling them--a URL with Google spelled with an extra ‘O’ (Gooogle) or Microsoft spelled as Microsofts. This method is called typosquatting or URL hijacking, be watchful of them.

5 On websites or pop-up sites, always look for misspelled company names, wrong spelling, bad or pixelated imagery, these are telltale signs of malicious intent. An anti-phishing app can also help scan and filter out such messages and attachments.

5 If you get a mail with a password reset link or approve an account link, never click it unless you have initiated the process. 

6 Always have the customer support numbers of your bank, credit card companies and other services at hand. You can immediately alert the bank or block your card if you have doubts. Always do this, you can never be too careful.

(Anand Murali is a senior tech journalist based in Bengaluru.) 
Invite your friends and family to sign up for MC Tech 3, our daily newsletter that breaks down the biggest tech and startup stories of the day

Anand Murali
first published: Apr 17, 2020 06:42 pm
Sections
ISO 27001 - BSI Assurance Mark