NIC Issues High-Severity Alert on Rising 'Vishing' Threats Targeting Government Data

New Delhi: In response to a recent surge in "vishing" attacks targeting confidential government information, the National Informatics Centre (NIC) has issued a high-severity advisory, warning officials not to trust caller ID information. The advisory highlights how attackers are using caller ID spoofing to impersonate trusted entities, attempting to gain unauthorised access to government systems and confidential data.

"Attackers may impersonate trusted entities, such as senior government officials, law enforcement agencies, or technical support personnel," states the NIC's advisory. This form of voice phishing, or "vishing," uses social engineering techniques to manipulate victims into sharing sensitive details such as log-in credentials and personal information.

The advisory underscores that scammers are able to "manipulate" caller ID information to make it appear as though a call is originating from a "legitimate government number." It advises government officials to avoid relying on the displayed caller ID to confirm the identity of a caller, suggesting they should "cross-check any caller claiming to represent an official agency with official records."

According to the advisory, vishing attackers often use complex technical language or imply serious consequences for non-compliance to pressure targets into compliance. Officials are reminded to remain cautious, especially with unsolicited calls demanding confidential information under the guise of urgency or panic.

The NIC's guidance urges officials to verify the identity of any caller through official government channels before disclosing any sensitive information. It also recommends calling back using publicly available contact information for further validation.

For safe cyber interactions, the advisory also instructs officials to follow established protocols and "be suspicious of any unsolicited calls asking for personal or confidential information."