Honey Traps And Phishing Scams: China's Cyber Tactics Against Indian Government Officials

Recent cybersecurity warnings highlight that Chinese cybercriminals are targeting Indian government officials. These threat actors approach officials with domain names and websites that mimic official National Informatics Centre (NIC) platforms.

What Happened? As highlighted in a MoneyControl report, an advisory, issued on June 22, mentioned deceptive domain names like ‘mydrive-nic.online’ and ‘secure-nic.online’. The criminals use these and other similar domains to execute phishing scams.

The advisory also revealed specific email IDs used by these cyber criminals and advised officials to avoid responding to unsolicited and spam emails. It stressed the importance of ignoring and deleting such emails instead of unsubscribing, as that could confirm the email address is valid.

See also: Cyberattack Hits Paracetamol Maker’s Revenue And Profit, Shares Fall

This warning is one of many recent advisories that underscore a rise in external cyber threats to India’s sensitive and critical infrastructure. NIC and the Indian Computer Emergency Response Team (CERT-In) have been contacted for further comments on the issue.

This latest warning follows a previous alert concerning a new wave of cyber-attack campaigns from China, targeting entities like the Unique Identification Authority of India (UIDAI) and the All India Institute of Medical Sciences (AIIMS).

Additionally, the advisory also noted attempts by Pakistani intelligence operatives to exploit officials in sensitive positions using social media deception, often referred to as “honey-trapping.”

Officials were urged to make their teams aware of these cyber threats.

Read next: India Is Seeing An Alarming Uptick In Cyberattacks This Year

Posted In: TechCERT-InCybersecurityphishing