Government tells employees not to trust caller ID information

A cyber security visory has cautioned government officials against trusting caller ID information that pops up while receiving a phone call, following a spurt in "vishing" attacks aimed at compromising confidential personal information and gaining unauthorised access to official systems.

"Attackers may impersonate trusted entities, such as senior government officials, law enforcement ncies, or technical support personnel," visory issued recently by National Informatics Centre (NIC) says.

severity of communication has been categorised as "high".

It has specified that attackers "manipulate" caller ID information to make a call appear as if it is coming from a "legitimate government number".

communication sent to multiple government departments and ministries has been accessed by PTI. It says it was issued as "in recent months, re has been an increase in vishing attacks targeting government officials to compromise confidential information and gain unauthorised access to official systems".

"Vishing" or voice-phishing is a social engineering attack where scamsters use phone calls or voice messs to manipulate individuals to share sensitive information, such as log-in credentials, personal information and financial details.

attackers also deploy tactic of conveying a "sense of urgency", "coercing" targets into revealing information by implying severe consequences for n-compliance and using "complex technical langu" to confuse or intimidate targets, making m more likely to comply, visory has said.

It has asked government officials to be cautious against such techniques as it has underlined that caller ID information can be "easily spoofed".

"Do t trust legitimacy of caller based solely on displayed number. Cross-check any caller claiming to represent an official ncy with official records," communication has vised.

It has also asked officials to mandatorily verify caller's identity through government channels before sharing sensitive information.

visory has asked m to call back organisation or individual using publicly available contact information.

Officials, according to visory, should always "be suspicious of any unsolicited calls asking for personal or confidential information, especially when caller is creating urgency or panic to pressure compliance".

"Take time to verify information provided by a suspect caller," visory has said.

It has also asked government staffers to practise all established protocols for ensuring safe cyber interaction during work and orwise.