With the vaccine shortage across the country, many citizens are facing difficulties in securing an appointment to get the jab against Covid-19. Cashing in on the situation, fraudsters are using new ways to scam Indians.
Raising an alarm against such malicious elements, the Indian Computer Emergency Response Team (CERT-In) issued a fresh advisory to warn citizens about scammy CoWin vaccine registration apps.
These fake apps are gaining popularity from viral SMS. In its officially advisory, CERT-In said that the SMS message carries a link that installs the malicious app on Android-based devices.
“The app essentially spreads itself via SMS to victims’ contacts. The app also gains unnecessary permissions that attackers could leverage to acquire user data such as contact list,” CERT-In said.
Scammers are using multiple variants of SMSs to trap citizens into their fishy net. Usually, the SMS advises receivers to download and install any of the five apps on their smartphone. The apps are downloaded as APK files so that scammers can easily inject malware into their smartphones.
The main purpose of these fishy apps could be to steal passwords or financial information. CERT-In urged Indians to remain “beware about phishing and fake domains, emails, text messages and phone calls which falsely claim covid vaccine registrations.”
Currently, the official portal where one can book Covid-19 vaccine slots is the CoWin portal, which can be accessed at cowin.gov.in. Indians can also the Aarogya Setu app to access cowin.gov.in to their vaccine appointment.
Several other websites offer information about the vaccination drive or alert their users about free vaccination slots nearby them from time to time. However, none of the apps will urge its users to download malicious apps.