The National Informatics Centre (NIC) has issued a high-severity advisory to government officials, warning them against relying solely on caller ID information and revealing sensitive information over the phone. The warning comes amid a rise in “vishing” attacks, where cyber criminals impersonate trusted entities to deceive individuals into divulging confidential details.
In the advisory, the NIC cautioned that attackers may spoof caller ID information to make it appear as though the call is coming from legitimate sources such as senior government officials, law enforcement agencies, or technical support personnel. These impersonations are designed to exploit trust and gain unauthorized access to government systems or confidential data.
The advisory highlighted an increase in the frequency of vishing attacks targeting government officials, which have been used to acquire sensitive information or compromise official systems. “Vishing,” or voice-phishing, is a type of social engineering attack where cyber criminals use phone calls or voice messages to manipulate targets into providing confidential data.
The NIC emphasized that government officials should not trust the legitimacy of a caller based solely on the displayed phone number. Instead, they are urged to cross-check any caller claiming to represent an official agency through verified government records.
One of the tactics used by attackers is creating a sense of urgency, pressuring targets into revealing sensitive information by implying severe consequences for non-compliance. In some cases, they may also use complex technical jargon to confuse or intimidate their victims, further escalating the risk of data breaches.
To mitigate the risk of falling victim to these attacks, the NIC advised government officials to verify the caller’s identity using official government channels before sharing any confidential information. By exercising caution and taking extra steps to confirm the legitimacy of a phone call, officials can better protect themselves from vishing scams and safeguard sensitive data from malicious actors.
Sources By Agencies
