Nearly 500 users were warned of government-backed phishing attacks in India and 12,000 globally, between the three months of July and September, said a Google report. However, the report doesn't make it clear whether the attacks are done by governments on their own citizens or by the governments on other countries' citizens.
Google categorically made it clear that such "government-backed attacks" were carried out in Russia and South Korea. Mostly, the warnings given by Google were regarding the “credential phishing emails” wherein an email is sent to the user asking to enter her/his password.
Google’s Shane Huntley in a blog stated that the company’s Threat Analytics Group (TAG) tracks “more than 270 targeted or government-backed groups from more than 50 countries”. "Intelligence collection, stealing intellectual property, targeting dissidents and activists, destructive cyber attacks, or spreading coordinated disinformation” are the goals of these groups.
Earlier this month WhatsApp had written to the government expressing "regret" over the Pegasus snooping row, and has assured that it is taking all security measures to address concerns, top government sources said. Last month, the Facebook-owned company had showed that Indian journalists and human rights activists were among those globally spied upon by unnamed entities using Pegasus spyware.