China-based threat actors are targeting government officials by approaching them with domains and websites that are similar to official NIC (National Informatics Centre) IDs and sites, a recent cybersecurity advisory for government officials accessed by Moneycontrol said.
The June 22 advisory listed domain names such as mydrive-nic.online and secure-nic.online, stating that they are being used by Chinese threat actors to perpetrate phishing scams. Other similar domain names include drive-nic.online, files-nic.link, files-nic.space, and nic-files.download.
The advisory also listed specific email ids, which the advisory said were being used by Chinese threat actors.
"Don't respond to unsolicited emails and junk email (spam). Don't unsubscribe from their emailing (sic) just let the spammer know that they have found the valid email address (sic). The safest path is to ignore and delete," officials were advised.
This is the latest in a long line of advisories released by government bodies, highlighting the growing number of incidents in which external threat actors have targeted sensitive and critical infrastructure in the country.
Moneycontrol has reached out to NIC and the Indian Computer Emergency Response Team (CERT-In) with queries in this regard. The article will be updated when a response is received.
This recent advisory follows a similar warning that the government aired regarding a "new wave of cyber attack campaign" where China-based threat actors have been targeting government bodies, such as the Unique Identification Authority of India (UIDAI) and the All India Institute of Medical Sciences (AIIMS).
Apart from that, the June 22 advisory also made a mention of attempts by Pakistani intelligence operatives (PIOs) to target officials "posted in sensitive organisations by honey-trapping them over social media".
The recent advisory that Moneycontrol reviewed said, "PIOs are using fake identities including posing as defence correspondents (sic) of ministries and are using spoofed numbers to gain the trust of unsuspecting individuals to ferret out sensitive information."
Additionally, it urged higher officials to sensitise all employees in their respective organisations regarding this threat campaign.
This follows a similar advisory that a government body had released warning against a cyber-attack campaign, where officials have been receiving malware-laden emails disguised as recommendations on how to prevent honey trapping.
A few months ago, a DRDO employee was arrested for divulging sensitive information to Pakistan-based intelligence operatives in a suspected case of honey trapping.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
