'Don't solely trust caller ID': Cyber body issues warning to government official
The severity of the communication has been categorised as "high".
The National Informatics Centre (NIC) has warned government officials against trusting the caller ID information without verification and divulging sensitive information. In the advisory, the cyber security body said cyber criminals may impersonate trusted entities to launch a "vishing" attack.
"Attackers may impersonate trusted entities, such as senior government officials, law enforcement agencies, or technical support personnel," the advisory issued recently by the National Informatics Centre (NIC) said.
The severity of the communication has been categorised as "high".
The body said the attackers can manipulate the caller ID information to create the impression that the phone call was coming from a legitimate number.
In the advisory, the body said there had been an increase in the number of vishing attacks against government officials. These attacks have been used to acquire confidential information and gain unauthorised access to official systems".
Also read: Ludhiana: Ex-armyman falls prey to cyber fraud twice in 15 days, loses ₹45 lakh
"Vishing" or voice-phishing is a social engineering attack where cyber criminals use phone calls or voice messages to manipulate individuals.
"Do not trust the legitimacy of the caller based solely on the displayed number. Cross-check any caller claiming to represent an official agency with official records," the communication has advised.
Also read: Indian organisations at very high risk of cyber attacks, says survey
It said the caller IDs can be easily be spoofed.
The attackers also deploy the tactic of conveying a "sense of urgency", "coercing" targets into revealing information by implying severe consequences for non-compliance and using "complex technical language" to confuse or intimidate targets, it said.
Also read: 5,000 cyber commandos will be ready in 5 ys to fight cyber threats: Amit Shah
It said government officials must verify the caller's real identity through government channels before divulging sensitive information.
With inputs from PTI