Yangyel Lhaden

Bhutan Computer Incident Response Team (BtCIRT) has observed an increase in online scams recently.

BtCIRT, the national computer incident response team under the Ministry of Information and Communications (MoIC), has reported numerous scams during the pandemic and has been alerting the public.

On December 24, BtCIRT shared WhatsApp scam message that falsely claimed the government was offering money to all citizens above 18 years. The suspicious message came with a link for recipients to check eligibility.

On December 25, BtCIRT reported about scam emails in which a hacker claimed to have video and image footage of the addressee watching pornography. The sender sought a ransom of $5,306 in Bitcoin.

A Senior ICT officer with BtCIRT, Sonam Choki said that scammers were taking advantage of the pandemic and was creating fake links related to Covid-19 which people would most likely click. “People need to be alert and be suspicious of any unsolicited emails, texts, or phone calls.”

Officials from BtCIRT said that people should follow reliable sources for Covid-19 related information and support.

BtCIRT officials advise people not to click the link and inform such scams to cirt@btcirt.bt.  

According to evidence Act of Bhutan 2005 anything that is defamatory, libel, untrue or harassing becomes an offence under the Penal Code even if it is said or done online.

Sonam Choki said that the biggest challenge the team faced was advocating people with limited outreach from the team to educate them. “The team also don’t get reported of such incidents which will help us in knowing prevalent trends and disseminate timely relevant information to the public.”

She said that the team had not recorded major losses through online scams this year. “However, it doesn’t mean the absence of scams because people don’t report to BtCIRT.”

In 2018, a 47-year-old woman lost Nu 80,000 to a WhatsApp scam. In 2019, a civil servant in Trashigang and an Indian businessman allegedly lured 12 Bhutanese through a WhatsApp took Nu 849,000.

The team creates awareness on cybersecurity, and various cyber threats through various platforms. “We are not sure if everyone views it.”

How to stay safe from cyber threats?

Always keep your devices up to date with latest upgrade and patches.

The user should not open unknown email attachments unless he/she is sure of the source.

If a user clicked a malicious link and gave away sensitive information, a user can change the login credentials and still be safe.

The user should create strong and different passwords for devices and application.

Never ever respond or transfer ransom to attackers.

Enable two-factor authentication on your important accounts.

Always keep your webcam covered when not using them.

Be extra vigilant while browsing illegal sites as many of them have malware embedded in links, videos, or images, which may lead to your device being compromised.

Report cyber threats with BtCIRT for timely interventions.