Chennai, May 10 (UNI) In the wake of the escalating Indo-Pak conflicts, there is an

elevated risk of cyber-attacks, particularly from State sponsored advanced persistent

threats known for targeting Indian government agencies, military personnel, and critical

infrastructure citing Indo-Pak news through social media platforms.

In an alert and advisory, the Tamil Nadu Cyber Crime Wing said this group uses

sophisticated tactics such as phishing emails, fake login pages, and malicious

attachments to gain unauthorized access to sensitive information.

Advisories regarding these threats have already been issued to all Government

departments in the State.

In view of public interest and safety, the Cyber Crime Wing alerts the

public about a recent surge in malicious content spreading rapidly

through WhatsApp, e-Mail, and Social Media platforms with respect to

Indo-Pak conflict.

This content includes deceptive videos,

images,‘.exe/.apk’ files and phishing links disguised as news or updates

related to the ongoing Indo-Pak conflict.

Threat actors are exploiting heightened public interest and tension

around the situation to target unsuspecting individuals with malware,

fake news, and cyber scams.

These cybercriminals are circulating

malicious content under the pretext of exclusive updates, conflict-related

visuals, or leaked footage, with many of these materials carrying

malware, spyware, or links to phishing websites.

This content can be in

the form of links or even photographs sent from unknown numbers or

forwarded in whatsapp/ Telegram/ other social media groups.

How the Cyber Attack surfaces:

The malicious .apk file, .exe file and the video files/links shared in

WhatsApp/emails/other social media platforms are being used as:

disguising malware as videos or images titled 'Dance of the Hillary',

“Army_Job_Application_Form.pdf” and executable file 'tasksche.exe'

Embedding phishing links in messages that appear to come from

trusted sources or groups to steal personal data through phishing

websites designed to look like legitimate news or government

sources.

Spreading APK (Android Package) files labelled as apps or tools

(e.g., “live war updates app”), which once installed, steal data,

access device files, or lock phones with ransom ware and demands

payment.

Once these malicious links/ image/ .exe/ .apk files are downloaded, a

malware is installed in the device which can result in compromising the

device, hacking of bank accounts or social media accounts etc.

In an advisory to the public:, the CCB said For WhatsApp and Social Media:

Never open unknown video or image files, even if forwarded by

someone you trust.

"Never forward such messages / files to anyone or to any group.

Avoid installing APK files sent via messaging apps. Only install

apps from Google Play Store or official app stores.

Do not click on forwarded links claiming to show conflict updates

or sensitive footage.

Exit, Report and Delete suspicious WhatsApp groups sharing

inflammatory or unverified content.

Enhanced security setup in WhatsApp:

In WhatsApp settings - > Storage and data - >disable Media Auto

Download for allsuch as Photos, Audio, Videos and Documents.

Enable 2 Step Verification in WhatsApp Account setting to avoid

account hack" it said.

Report any malicious messages or group activity directly to

WhatsApp or report in cybercrime.gov.in and that OTP should

not be shared with anyone.

For E-mail users, it said

Do not open emails from unknown senders, especially those with

urgent subject lines related to Indo-Pak conflict.

Avoid downloading attachments or clicking on links in unsolicited

mails.

Check the email address carefully. Phishing emails often mimic

legitimate organizations.

Enable 2-factor authentication (2FA) on all accounts.

Use updated antivirus software and enable spam filters.

General Cyber Hygiene:

For following the updates on the Indo-Pak conflict, only use verified

news channels and social media handles. Fact checkers can be

used to avoid forwarding or downloading sensitive fake new.

Be wary of messages or posts claiming to show sensitive or

exclusive news on Indo-Pak conflicts.

Do NOT open or forward suspicious videos, images, or links

received through WhatsApp, email, or social media, even if sent by

known contacts.

Never download or click on links shared via social media without

verification.

Regularly back up important data on external or cloud storage.

Update your antivirus and mobile security software regularly.

Avoid sharing unverified content, especially during sensitive

geopolitical events.

Verify information through official government websites and official

handles.

UNI GV