A potential phishing campaign designed to steal personal data as well as the financial information of individuals and companies is being planned by hackers using a fake Ministry of Manpower (MOM) e-mail address, the ministry warned yesterday.
In a Facebook post, MOM said the hackers intend to use the e-mail address to trick people into thinking they are from the ministry and to make use of the Covid-19 support fund as bait to get the recipients to share their private data.
"The hackers plan to use a spoofed MOM e-mail address (firstname.lastname@example.org) and the Covid-19 support fund as a lure to get recipients to click on the embedded phishing link," said the ministry in its post, which was later shared by the Government Technology Agency.
"These phishing e-mails are designed to drive recipients to fake websites where they will be deceived into divulging personal and financial information," said MOM.
It said it received information that the campaign will target businesses, and reminded the public to use only the official ministry website for all information and transactions related to MOM matters.
In a report about the phishing campaign, cyber-security firm Cyfirma said the hackers claim to have 8,000 business contact details and will target businesses with a phishing e-mail tomorrow.
The e-mail will try to direct recipients to fake websites, where they will encounter attempts to get them to divulge personal and financial information, said Cyfirma, which is based in Singapore and Tokyo.
The firm conducted an online threat assessment in the first half of this month and found that prominent hacker group Lazarus Group was planning a global attack that involved this phishing campaign.
The global attack is said to be targeted at more than five million people and businesses in six countries that have announced financial support measures for their citizens in the light of the Covid-19 pandemic. These are Singapore, Japan, South Korea, India, the United States and Britain.
This is the second time this week that MOM has warned of phishing schemes involving hackers pretending to be from the ministry.
On Tuesday, MOM uploaded a post on Facebook warning of online sites that have been passing themselves off as the ministry's official website and which were designed to steal information from victims.
Tips to combat cyber threats
Businesses and individuals should always be alert to phishing attempts by cyber criminals, the Cyber Security Agency of Singapore said yesterday.
It noted that opportunistic cyber criminals have been using the Covid-19 situation to conduct malicious cyber activities and that with the increasing reliance on the Internet during this period, it is important to be vigilant.
The Singapore Computer Emergency Response Team (SingCERT) has also issued an advisory to remind people to practise good cyber hygiene.
Here are some tips to stay safe:
• If you receive a suspicious or unsolicited e-mail that requests sensitive information or requires financial payments, you may wish to check with the sender via an alternative medium - such as a phone call listed on its official website - to verify the authenticity of the e-mail before following up on the request.
• Avoid clicking on links or opening attachments found in e-mails or text messages from unknown or untrusted senders.
• Even if the message appears to come from a known or familiar sender, double-check the details to verify authenticity.
• Government websites will use only .gov .sg links, except for some websites which the public are already familiar with - for example, skillsfuture.sg, onemotoring.com.sg or ns.sg
• Government link shorteners will only be on a go.gov.sg link URL. When unsure, always refer to official sources for information and verification.
• If you think you may have received a phishing e-mail, you can report it here.
Members of the public can also refer to SingCERT's advisories to find out how to protect themselves against other Covid-19-themed cyber threats.