In response to an alarming surge in cyber threats, the Cabinet Division has released a cautionary advisory aimed at safeguarding government officials from potential hacker attacks facilitated through impersonation. The advisory outlines a growing trend wherein threat actors exploit human curiosity to disseminate malicious links via social media platforms and emails.
The perpetrators, posing as high-level officials, are luring targets into clicking on these links, consequently infecting their mobiles and computer systems. Once compromised, these systems can be weaponized for sophisticated attacks, ranging from the extraction of sensitive information to gaining unauthorized access and even enabling microphone access for eavesdropping purposes.
The advisory highlights the hackers’ utilization of mobile numbers and other personal details previously acquired through hacking endeavors. Armed with this information, hackers deploy various tactics, such as phishing emails, spoofed SMS, or WhatsApp messages, targeting specific individuals. The messages are meticulously crafted to deceive recipients into divulging sensitive information or clicking on dubious links and attachments.
To mitigate these risks, citizens and government officials are strongly urged to exercise caution when confronted with links received via email or messages, whether from known or unknown sources. Additionally, the advisory recommends thorough scanning of attachments with antivirus software before downloading, even for seemingly trustworthy attachments.
Government officials are further advised to regularly update their operating systems and software applications across all computing devices, encompassing PCs, laptops, mobiles, and wearables. The use of reputable and trusted antivirus or antimalware programs on all devices is emphasized, with a stern warning against utilizing personal accounts on official devices.
Furthermore, the advisory advocates the implementation of Multi-Factor Authentication (MFA) wherever possible, coupled with a strict prohibition on sharing personal details and credentials with unauthorized or suspicious entities, websites, or applications.
To enhance cybersecurity, the advisory advocates typing URLs directly into the browser rather than clicking on links, ensuring websites are accessed via HTTPS, and avoiding visits to HTTP websites. By adhering to these precautions, individuals can fortify their defenses against the escalating threat landscape posed by cybercriminals.
