On May 6, 2025, Pakistan’s Cabinet Division issued an urgent cybersecurity advisory alerting all government departments to a suspected phishing campaign attributed to the Indian-linked threat actor known as “SideWinder.” This group has a history of targeting Pakistani officials through spear-phishing emails designed to compromise sensitive information.
The advisory warns that the cyberattack relies on phishing emails to breach official communication systems, with attackers posing as trusted Pakistani institutions, including cybersecurity divisions of key government bodies. Their objective is to deceive recipients and gain unauthorized system access, specifically targeting personnel within state institutions.
These operations are attributed to SideWinder, an Indian-linked threat group known for conducting similar cyber-espionage campaigns across South Asia. The group leverages social engineering and spoofed emails as primary tactics, making detection and prevention especially challenging.
To mitigate the threat, the advisory urges immediate adoption of technical defenses such as email filters, malware detection tools, and spam protection. It also recommends routine security audits and continuous monitoring of email systems for suspicious behavior. Crucially, the advisory emphasizes training government staff to recognize phishing schemes and the risks of social engineering, promoting a culture of cyber awareness and resilience to bolster national digital security.