The Centre on Saturday night warned people of a massive phishing campaign that could mimic official communication on the coronavirus pandemic to steal personal data and financial information from people. The Indian Computer Emergency Response Team, also known as CERT-In, that works under the Ministry of Information Technology, said that the phishing attack is expected to begin on Sunday, and could use the email ncov2019@gov.in.

“It has been reported that malicious actors are planning a large scale phishing attack campaign against Indian individuals and businesses (small, medium and large enterprises),” CERT-In said in a statement it tweeted. “The phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government funded Covid-19 support initiatives. Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information.”

CERT-In said that the phishing campaign is likely to impersonate government agencies, departments and trade associations that disburse government aid. “The malicious actors are claiming to have two million individual/citizen email IDs and are planning to send emails with the subject free COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, inciting them to provide personal information,” CERT-In added.

The cyber security agency said the campaign is likely to create fake email IDs impersonating various authorities, which will then be used to dupe Indian individuals and businesses. It advised people to not open attachments in unsolicited emails, even if they come from people in their contact list. “Beware of clicking on phishing URLs providing special offers like winning prize, rewards and cashback offers,” CERT-In said. “Any unusual activity or attack should be reported immediately at incident@cert-in.org.in with logs and email headers for analysis of the attacks and for taking action.”

However, the government did not make it known who was behind the planned phishing attacks.