Islamabad, Sep 18: NCERT Alerts Government Organizations About Rising Email Phishing Attacks.
This phishing attack aims to steal credentials from government employees by deceiving them into clicking on malicious links or opening harmful attachments.
The attackers used multiple public IP addresses and cloud-based services to hide their identities, with platforms like Cloudflare making it challenging to trace the source of the phishing sites.
While the phishing emails did not contain embedded malware, they included phishing links that relied on social engineering tactics to trick recipients.
In response, NCERT recommended advanced security measures, such as email filtering systems, email authentication protocols (SPF, DKIM, DMARC), and multi-factor authentication (MFA) to safeguard against these attacks.
They also encouraged government organizations to reset affected employees’ credentials and conduct phishing awareness training, along with deploying Endpoint Detection and Response (EDR) systems to monitor for suspicious activity. Regular system updates were also advised to prevent future threats.
