New Delhi: In order to create cyber awareness among government employees, the Ministry of Home Affairs has issued guidelines against 'social engineering' attacks to prevent the leak of any sensitive information.
"Be careful to unsolicited phone calls, visits or email messages from individuals asking about personal or other government information. If an unknown individual claims to be from a legitimate organisation, try to verify his or her identity directly with the company," the ministry guidelines said.
In its 24-page booklet - 'Information security best practices' by the cyber and information security division of the MHA, it further guides government officials on how to avoid social engineering scams, malicious websites and attacks from hackers.
Cautioning the ministry officers against the use of social media, the advisory says, "all personnel, including employees, contractual staff, consultants, etc., who manage, operate or support information systems, facilities, communication networks; and information created, accessed, stored and processed by or on behalf of the government of India, unless authorised to do so, shall not access social media on any official device (computer, mobile, etc.) or disclose official information on social media or social networking portals or applications".
Explaining the best practices with regard to email communication, the booklet advises to use only government-provided email address for official communications and downloading email attachments or clicking on suspicious links received in emails from unknown sources should be avoided.
Further, informing the officials about another type of social engineering attack, 'quid pro quo scam', the ministry said this involves the exchange of information where hackers make the victim believe about a fair exchange, but that's far from the case.
Also Read: Supreme Court's status quo on Essar Steel sale to Arcelor Mittal
