One of the most widely trending Twitter handles in India, since the past two days has been of renowned journalist and former TV news anchor Nidhi Razdan — but the reasons seem inexplicable as of now!
Months after announcing her appointment as a Harvard University Professor, the International Press Institute award-winner and a prominent journalist Nidhi Razdan recently took to social media confessing that she had fallen for an elaborate “phishing” attack. Nidhi was systematically beguiled into believing that she had been offered an Associate Professor’s job at the prestigious Harvard University.
In a statement issued on Twitter, she mentioned filing a complaint with police along with the relevant documentary evidence. According to Razdan, “the attackers used clever forgeries and misrepresentations to obtain access to her personal data and communications and may have also gained access to her devices and social media accounts”. She had earlier announced her resignation from NDTV as an Editor and Anchor on 13th June 2020.
Nidhi Razdan’s detailed account of the incident
In a detailed explanation on her NDTV blog, Nidhi narrated her ordeal mentioning how she was interviewed online for 90 long minutes, received an offer letter and agreement from an official Harvard email id. She further asserted that all the documents appeared to be on a genuine letterhead with the University insignia that included signatures of Harvard University officials who are presently employed with the University. Moreover, all her former employers at NDTV were sent separate e-mails for recommendation letters and validation of credentials.
While there have been numerous sophisticated phishing attacks on journalists like Nidhi Razdan across the globe, this is first of its kind with an Indian journalist involving the fraudulent usage of a prestigious University appointment.
Is this really Phishing?
According to the Online Harassment Field Manual of Pen America, “Phishing is an online scam that starts with some form of communication—an email, a text, a WhatsApp message — designed to look like it comes from a trusted source”. Fraudsters usually aim to attain the targets’ personal data by sending them a link/attachment which, once opened, can be used to gain access to the victim’s electronic device/mobile, and thereafter all kinds of sensitive information including bank details and private conversations.

There are various forms of Phishing, known by terminologies such as Spear Phishing, Whaling, Smishing and Vishing, and Angler Phishing. Aaron Higbee, cofounder and CTO of anti-phishing firm Cofense mentions that while e-mail phishing may not be target specific, a spear campaign is specifically crafted with a malicious intent aiming at a specific target, such as senior executives and illustrious personalities – that can often be politically motivated.
Past precedence and red flags
In 2019, Iranian-born German science journalist and academic Erfan Kasraie received an email that purportedly came from a Wall Street Journal reporter with an intention to hack his account. Kasraie immediately sensed something wrong after a single glance at the email which was confirmed when the follow-up e-mail asked for his Google password to get the access to the questions. In a separate incident, Prague-based Iranian filmmaker Hassan Sarbakhshian received a message asking him to sign a contract for access to his pictures by Wall Street Journal, which he did not accede to, sensing fraud.
An Iran-linked hacking group, often known as “Charming Kitten”, has long been targeting journalists and researchers in the United States, and entities in the UK, Israel, Iraq, and Saudi Arabia, as per the latest report by London-based cybersecurity company Certfa Middle East.
Watch: Growing Cyberattacks targeting Journalists
Attacker’s Mindset
Amongst the most widely used tools to attack the target is Password Reset, wherein the attackers send out e-mails to inform the unsuspecting targets about multiple unsuccessful login attempts, thereby offering to secure the respective account. Another technique implemented by the attackers is by presenting the phishing pages on the Google infrastructure. Attackers also create malicious third-party applications disguised as the originals, in order to grant an access to their accounts.
While the attackers are experts in their job and malicious intent, a careful watch for the red-flags can certainly save an individual from becoming a victim to these malevolent intentions. With the exponential growth of social media and the wealth of personal information accessible through it, threat actors continue to devise new methodologies for spear phishing campaigns and malign their targets. It finally rests on the individual to remain wary of such intents and safeguard themselves.
