The recent pandemic of COVID 19 outbreak has taught us many lessons and pushed us to stay indoors. World economy and Federal Governments are at a new start due to this pandemic. While we are learning to live a new life some scammers take advantage of such situations and fooling innocent people. Let look at some of the most common phishing scams that are prevailing during this COVID 19 pandemic particularly in India and how we can be safe from the same.

Phishing emails asking for donations to the PM CARES and other relief funds

The central government created a separate PM CARES Fund (Prime Minister’s Citizen Assistance and Relief in Emergency Situations Fund) to collect citizen donation to combat COVID-19 using digital payment mediums ad this program is widely being spread in all platforms. Many state government have also created such funds and asking for donations to CM Relief funds through digital payments.

Cyber criminals are taking advantage of this situation to cheat unsuspecting and innocent citizens who are eager to help. They are creating similar looking and fake websites and social media pages and also using SMS and WhatsApp to spread fake UPI Ids like pmcare@sbi, pmcarefund@sbi, pmcares@hdfcbank, pmcares@pnb, pmcares@icicibank, etc.

We need to take extra caution when ever making such donations and should verify the UPI ID and Account Name with exact spelling. SBI is the only bank authorised to receive donations in PM CARES fund and the official UPI Id is pmcares@sbi and the account name is PM CARES.

Phishing Mails asking for donation to NGOs

Another pattern of phishing email is asking for donations to certain fake NGOs in the name of buying medical supplies, food, etc. Before making any such donations you should thoroughly verify the NGO registration and credentials.

Malicious Tools Download Scam in the name of “Track Corona Virus”

You might also encounter with emails, text messages or WhatsApp messages saying download this tool to tract the virus. Cyber attackers are taking advantage of this situation and sending suspicious links from spam mail ids in the name of virus racking app. Please do not click any such links or download any such applications on your mobile, as there may be tracking codes, malware, ransomware or any other malicious programs.

You can use the official Arogya Setu App to check and track COVID 10 related authentic information. Please note that there are face Arogya Setu apps too in the Play Store, so please cross check the developer source before any download.

E-mails from WHO or Indian Government

Whenever you receive any mail impersonating as WHO or any Government officials asking for any personal details or banking details to deposit various government scheme payments, you have to immediately report the same on the national cyber crime portal. Please note that neither WHO or Government Officials will ask you for your banking or sensitive information directly for any scheme. They may also send UPI links etc to verify and your bank account will be debited. Please ignore any such e mails.

How to identify a Phishing Scam

When ever you encounter with any suspicious mail you can check for some signals that can tell you if it is a genuine mail or not. Lets look at some of such signals.

Emails asking immediate act: Phishing emails often have a sense of urgency always so that you will skip the details as a normal human tendency. You can always lookout for phrases such as ‘Alert From MoHFW’ or ‘URGENT: From INGOV’ or ‘Last Date to Submit Details’, etc.

Suspicious links: most of the phishing emails will always ask you to click on a link to take to a payment page, download page or form page. You might have received links like “Download Arogya Setu App” but the actual link looks like something else. Before you click any link please hover your mouse cursor over any link and check if the actual link matches with the subject or official sites.

Unprofessional mails with Spelling or grammatical errors: Every business organisation and government agencies have separate public communication or marketing team to draft any communication mails professionally  with correct English and mistakes are rare. You will always observe spelling and grammatical errors on any phishing email.

I have just tried to make you aware of some of the recent phishing scams taking place in this pandemic situation and some signals to check them and protect yourself. There may be some other scams and signals to check and I will try to keep this article updated. Your comments are always welcomed.