He highlighted how cybercriminals are leveraging public trust in government processes to execute sophisticated scams, while also outlining key warning signs and preventive measures citizens and authorities must adopt.

How are cybercriminals exploiting digital census operations to target citizens?

Fraudulent entities are exploiting public trust in accessing digital census drives by impersonating government officials. They are doing this through fake websites, SMS links, emails and calls, and creating a sense of urgency to get people to share sensitive data with them such as their Aadhaar numbers, bank details or OTPs. Malicious applications and phishing portals are also being used to gather personal information from the target audience on a large scale.

What are the most common tactics used in these impersonation scams?

Attackers frequently use phishing links, spoofed domains that closely imitate official portals, and caller ID masking to appear legitimate. Various social engineering techniques-such as creating a sense of urgency, threatening people with a penalty if they do not comply, or providing an incentive-are used extensively. Attackers may also use APK files or attachments to distribute malware, as well as WhatsApp and SMS campaigns, which further increase their reach and credibility.

What key red flags should individuals watch out for?

Red flags would include unsolicited messages requesting personal or financial information through links that do not match official government domains, requests for OTPs or payments, poorly worded communications inviting the target to download an app, or pressure tactics such as "last chance to comply." All communications with citizens should be verified through established and confirmed government channels prior to taking any action.

What risks do these scams pose to personal and financial data security?

The impact of these types of scams can cause identity theft, undetectable financial transactions, SIM swap fraud, and long-term abuse of personal data. Stolen data may be sold or used to conduct secondary attacks on individuals or to carry out future attacks on groups of targeted entities on the dark web. This can cause loss of public trust, financial loss, and restricted access to essential services by people whose digital identities have been compromised.

How can citizens and authorities strengthen safeguards against such threats?

Citizens should rely only on verified government portals, avoid sharing sensitive information, and enable multi-factor authentication. Regular awareness campaigns and digital literacy are critical. Authorities must strengthen domain monitoring, take down fraudulent infrastructure swiftly, and collaborate with cybersecurity firms to track threats. Proactive threat intelligence and public advisories can significantly reduce risk exposure.