A concept photo of cybersecurity Photo: VCG

Commonly used email has become a key target for foreign spy intelligence agencies to steal information, the Chinese Ministry of State Security said in its latest article on Sunday, noting that computer networks of the Party and government agencies, as well as those of sensitive units as the main channels, with the phishing emails being the common method of cyberattacks.

The article explained that attackers forge the sender's address and email account, enticing the target user to click on malicious links or download malicious files, so that they could steal sensitive information such as user credentials and data, and even control targeted devices.

According to the article, impersonating officials to commit fraud is one of the common methods in phishing. 

Foreign spy intelligence agencies will set up a highly similar email login interface to the target email address in advance, posing as an email service provider, and send fake "high-risk account warning messages" emails to designated users. When the target clicks on it, the fake login interface will pop up, and once the account password is entered, it will be in the hands of foreign spies.

For example, in 2021, an employee of a confidential military enterprise in China received a phishing email disguised as a warning message from an email service provider, which led to the leakage of the work email account password. Foreign spy intelligence agencies used this password to log into the email account and stole a large amount of sensitive work information.

Foreign spy intelligence agencies will collect and analyze relevant email user information in advance, select valuable targets, and design email titles and content tailored to their interests in hot events, work matters, or personal affairs, to lower the target's guard against phishing emails and entice them to download malicious files.

Separately, stealing accounts to impersonate identities is another method of phishing. 

Online phishing is one of the main methods used by foreign spy intelligence agencies to carry out cyberattacks and cybertheft, which can be done at low cost, undetected, while also inflicting maximum harm. 

The public should enhance their security awareness. As internet phishing methods continue to evolve, we must learn and understand internet security knowledge, enhance awareness of internet security risks, be able to identify cyberattack methods, and avoid falling for traps, according to the article.

The ministry suggested that individuals should set high-security login passwords and regularly update them, configure and use two-factor authentication, abnormal login alerts, and other security protection functions. Relevant departments should strengthen network security measures, implement effective security protection strategies. Additionally, the departments should install and regularly update antivirus software on computers, phones, and other terminal devices, conduct regular comprehensive virus scans.

The ministry called on citizens, if they discover suspicious activities involving theft through phishing emails, to promptly call the national security agency's reporting hotline at 12339, or report through the internet reporting platform, or through the national security department's WeChat public account reporting channel, or directly report to the local national security agency.

Global Times