The National Telecommunication and Information Security Board (NTISB) has warned that hostile intelligence agencies (HIAs) have accelerated their hacking attempts against officers especially senior officers by exploiting the human psychology/allure of curiosity to call back anĀ unfamiliar number.
The Board has issued an advisory regarding hacking attempts of HIAs using spoofed messages.
The advisory noted that of late, HIAs have accelerated their hacking attempts against officers especially senior officers by exploiting the human psychology/allure of curiosity to call back an unfamiliar number, which if successful, can lead to the launch of sophisticated attacks including extraction of sensitive information and gaining unauthorized access to targetsā device.
The modus operandi of HIAs is that the target may receive one ring/missed call from a familiar number to trick people into returning missed call or SMS, which is exploited by HIAs in the following ways:
- Impersonation of trusted contacts of reputable organizations/ individuals for further luring in the victims to exploit their mobile phones.
- Mobile numbers of military/defense forces personnel (since most of the contact lists had been leaked/hacked over a period of time from mobile phones of military/defense personnel) are being used by HIAs to send spoofed SMS/WhatsApp messages to selected targets.
- Missed call or sharing of a well-crafted message to trick the victims to disclose their sensitive information or click on suspicious links/attachments.
- Spoofed numbers can be generated from various websites/applications. Most spoofing services append the originatorās country code for international callings, therefore, in some sloppy hacking attempts those numbers are appended with Indian country code (+91) as well.
The Board has enumerated a few best practices as a basic remedy to avoid any undesirable episode which include;
- Do not respond to unknown calls/messages. Do not pick up/call back to calls from unknown numbers/sources and do not respond to unknown messages. Also, carefully examine the number of callers/message senders for spoofing. Treat missed calls and SMS from unfamiliar numbers with suspicion, especially if they are from international numbers.
- Enable Two-Factor Authentication (2FA). Utilize/enable 2FA for WhatsApp and other relevant platforms to add an extra layer of security to your accounts/applications.
- Avoid clicking Suspicious Links. Refrain from clicking on links received via SMS or WhatsApp unless confident about their authenticity.
- Update and Secure Devices. Keep mobile devices and applications up to date with the latest security patches/updates to mitigate vulnerabilities.
Honestly, I never believed real hackers existed until I witnessed this pro hacker Fyodor help my best friend hack into his wife’s iPhone within 5 hours. The most amazing thing is that he could do as much as recording and listening to her phone calls. Long story short, he has helped me fix my credit and I got approved for loan. This recommendation is my little way of appreciating Fyodor for being such a blessing. If you need help, his Email Fyodorfasthacks@ Gmail. com