STATE ALERTS NETIZENS OF PHISHING SHARKS
Hackers are using sophisticated phishing techniques to steal confidential data
The Maharashtra Cyber has issued an advisory alerting the citizens to follow cyber safety precautions and protect from being victim of phishing. According to Maharashtra Cyber, cybercriminals and hackers are using sophisticated phishing techniques to steal the confidential data of netizens.
The Maharashtra Cyber is a nodal agency established by the Government of Maharashtra to tackle cybercrimes and other digital threats.
The agency has said that a phishing kit is a collection of software tools that makes it easier for people with little or no technical skills to launch a phishing exploit.
“The goal is to trick the person into performing a specific action that will benefit the attacker, typically, this involves getting the victims to click on malicious links, open an infected attachment or authorise a transfer of funds,’’ it added.
According to Maharashtra Cyber, online hacker forums have huge collections of more than 1,300 phishing kits on sale that cover top rated websites, banks, and financial organisations on the internet.
"The list covers high value services including PayPal,Dropbox, Amazon, OneDrive, Office 365, Outlook, Gmail, Spotify, Netflix, Bank of America, Chase,
Wells Fargo, First Bank, Apple, Facebook and Linkedin. Low average price of phishing kits is to attract more cyber criminals into buying them to commit different sorts of phishing scam,’’ it said.
The agency said, since the kits target frequently used web applications such as Office 365, Amazon, Facebook, the cyber criminals can use them to launch phishing attacks on Indian individuals and organisations alike.
The Maharashtra Cyber has urged the netizens not to reveal personal or financial information in an email and never respond to email solicitations for this information.
The agency said the malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain. Therefore, it has asked people to always check if the website URL starts with http which is a secure way to send data between a web and a web browser.
If unsure whether an email request is legitimate, the agency has asked to verify it with information outside the content of the email. "Never open any attachment or links shared by strangers via email. Doing these actions can install malware on your machine,’’ it added.