CERT-In Issues Nationwide Alert Over QR Code, Phishing, & Fake VPN Scams

Mumbai: The Indian Computer Emergency Response Team (CERT-In) of the Central government has issued an alert for citizens regarding QR code-based scams, phishing scams, and fake VPN software spoofing.

“Scammers use fake QR codes to redirect users to malicious websites or install fake apps to steal credentials and access sensitive information,” the alert stated. The alert further mentioned, “Before scanning, make sure it is from a trusted source. When scanning QR codes, be cautious of it leading to shortened URLs. Be cautious with scanning codes found in public places, like posters or flyers, as they could be malicious.”

An alert issued by CERT-In regarding phishing stated, “Phishing is a social engineering technique used by scammers to trick you into sharing sensitive information, like passwords or bank details. Scammers use fake emails, messages, or websites to pretend to be trusted organisations.” “Don’t click on unknown links or download attachments from unverified sources. Look for spelling errors, fake domain names before clicking on any link,” the alert stated.

What's A Virtual Private Network

A virtual private network (VPN) is a service that protects users' internet connection and privacy online. Fraudsters create domains with similar names/malicious domains for the distribution of spoofed and malicious versions of popular VPN software.

“Fraudsters create several look-alike websites containing malicious download links. Fraudsters use the icons and the identical graphical user interface (GUI) of popular VPN applications. Once the victim clicks the link, it may lead to the downloading of a malicious VPN setup file infected with malware or to websites that contain malware,” the alert said.

news