The Cabinet Division has issued a warning regarding a new wave of hacking attempts aimed at stealing government employees’ data through fake emails. Hacker groups are employing deceptive tactics, particularly during the Eid holidays, by sending fraudulent security advisories and emails primarily targeting government agencies and officials.
Hacker Groups Are Stealing Government Employees’ Data Using Fake Emails and Security Advisories
The Cabinet Division reports that hacker groups are employing fake security advisories and emails to deceive government employees and gain access to their sensitive information. These fraudulent communications often utilize the name of the Assistant Secretary National Telecommunication and Information Security Board (NTISB-II) to appear legitimate. The attackers incorporate malicious attachments or payloads within these bogus security advisories to deceive unsuspecting individuals into compromising their data. Specifically, the phishing emails contain attachments titled “Eid Holiday Cabinet Division Press.docx,” enticing recipients to open them under the guise of official Eid holiday-related information.
Cabinet Division Urges Vigilance and Provides Authentic Communication Channels
To combat this growing threat, the Cabinet Division has instructed all Ministries, Divisions, and Departments to exercise caution and refrain from opening or responding to suspicious attachments. They have emphasized that the only authentic email addresses for official communication from the NTISB are [email protected], [email protected], and [email protected].
The Cabinet Division has clarified that no official email concerning the upcoming Eid-ul-Azha holidays has been issued. Users are advised to remain vigilant and refrain from opening any phishing emails or attachments. By providing these authentic communication channels and cautioning against fraudulent emails, the Cabinet Division aims to protect government employees and their sensitive data from hackers. As cyber threats continue to evolve, it is essential for individuals to exercise caution, verify the authenticity of emails and attachments, and follow best practices to ensure the security of their data and personal information.