Beware of fake SMSes from hackers impersonating DoT to steal your data: how to identify scam

Do not fall for this trick, even if there is a gov.in website mentioned. Here's how to identify.

Highlights
  • A text message, presumably from the government, tells the user to visit cyberswachhtakendra.gov.in to check their device from malware 
  • This is a fake link and can be used to steal your data
  • The Government of India’s Cyber Swachhta Kendra has a different URL from the one mentioned in the message

A Twitter user going by the name Roshan Kumar has flagged a potential scam wherein hackers are impersonating the Department of Telecommunications to steal your data. As per the user’s tweet, he received an SMS presumably from the Telecom Department suggesting his phone was infected with malware. Further, the message tells the user to visit cyberswachhtakendra.gov.in for remediation.

Show Full Article

While this may seem legit since the government does have a dedicated Cyber Swachhta Project, the catch here is that the link provided is a phishing link designed to dupe users. The actual URL of the government’s project is actually csk.gov.in.

The tweet tagged the Department of Telecommunications, Government of India, TRAI and Reliance Jio. Jio responded saying the message apperas to be a scam and the user should not click on the given link.

For the uninitiated, Cyber Swachhta Kendra is a part of the Government of India’s Digital India initiative under the Ministry of Electronics and Information Technology, which alerts users about possible botnet infections in India that could harm users’ devices. It also shows ways to clean this malware and prevent further infection.

What can you do in such a case?

If you’re concerned about your device’s security, the Cyber Swachhta Kendra’s website suggests scanning your computer/smartphone to remove the malware and take steps to improve the device’s security. It encourages you to visit the Antivirus companies’ websites, which offer a free bot removal tool. However, it is unlikely that the government will prompt you of such an event by specifically sending an SMS about it. Please be sure to check the URL provided if you’ve received such an SMS, and do not be fooled by gov.in domain suffix as it does not guarantee security.

The original Cyber Swachhta Kendra’s website recommends Microsoft Windows users install Quick Heal, eScan, or K7 Security tools to secure their computer. For mobile phones, it suggests the eScan application available on the Google Play Store to eliminate the shenanigan.