 "Security agencies detect phishing fraud that mimics MoD's official website")
Indian cyber-security agencies have detected a phishing fraud that "mimics" the official website of the Ministry of Defence to "harvest" the log-in credentials of officials to "steal" sensitive government documents.
An advisory issued this week by the National Informatics Centre (NIC) has identified two phishing links -- mod.gov.in.aboutcase.nl/publications.html and mod.gov.in.army.aboutcase.nl/publications.html.
The communication has been accessed by PTI and it says both the URLs seek NIC-provided log-in credentials of government officials through a fake e-mail that comes attached with a "fake" document titled "Hackers Targeted Defence Personnel in Mass Cyber Attack".
Once individual credentials like log-in IDs and passwords are punched, the links re-direct the users to a "login-error.html" page.
"Both the phishing URLs have mirrored the original MoD website (www.mod.gov.in) to lure end users into believing they are legitimate MoD websites," the communication says.
The two links are "mimicking" the Department of Defence under the Ministry of Defence and the phishing campaign is primarily aimed at harvesting the NIC credentials of government officials to steal sensitive documents pertaining to the Indian government, the communication says.
The NIC serves as the backbone of Internet-based government communication.
A phishing attack is defined as the fraudulent practice of impersonating reputed and official names and identities through e-mails, text messages or phone calls to trick the victims into sharing sensitive personal information like banking and credit card details and login or identity information.
The advisory has asked government staffers to delete such an e-mail if received in their inbox. In case they click on the links, the advisory tells them to disable the Internet connection on their computers, change passwords and update the operating system.
It has also asked officials to be aware of suspicious online links and phishing attacks by rejecting e-mails received from untrusted sources and looking for spelling or grammatical errors in such malware-laden mails.
"Be cautious of links shortened by using Bit.Ly or other link-shortening techniques," the advisory says.
A similar phishing attempt mimicking the National Investigation Agency (NIA) was detected in June-July.
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app