A.P C.I.D, Cyber Crimes Alert on Phishing Attempts-Covid19 treatment reimbursement

Threat Summary:

Cybercriminals are exploiting the Covid-19 situation by executing malicious campaigns. With increasing number of COVID-19 tests being conducted in the country, attackers have reportedly planned to launch a large-scale phishing campaign in the garb of reimbursement of COVID-19 treatment, to steal sensitive information form unsuspecting targets.

Modus Operandi:

         The attacker may send phishing emails to the targets using spoofed email address (likencovid19[@]gov[.]in, ncov2019[@]gov[.]in  or similar) appearing to come from the authorities responsible for dispensing government funded COVID-19 support initiatives under Government of India (Gol).

  • The email may inform the target about mandatory COVID-19 testing orders from Government of India and prompts him to register for testing by clicking on a malicious link. The link takes the target to a phishing webpage asking for personal and financial details, for stealing personal information.


  • Avoid downloading emails attachments or clicking on suspicious links received in emails from unknown or untrusted sources (especially in relation to Health Information or having the theme of COVID-19)
  • Use only trusted sources, such as legitimate government websites for up-to-date, fact-based information about COVID-19.
  • Never respond to unsolicited requests for personal or financial information on email.
  • Verify the authenticity of communications related to COVID-19 prior to performing the  action prompted by it
  • Organizations are recommended to share information about such campaigns at the earliest with their employees to remain alert. 



Go Back