NEW DELHI: Cybersecurity agencies have alerted government officials about a phishing scam targeting their login credentials by replicating official government websites.

The National Informatics Centre (NIC) has flagged two malicious URLs, “mod.gov.in.aboutcase.nl/publications.html” and “mod.gov.in.army.aboutcase.nl/publications.html,” which falsely appear to be legitimate Ministry of Defense (MoD) websites.

The phishing campaign involves fake emails sent to government officials with an attachment titled “Hackers Targeted Defense Personnel in Mass Cyber Attack.”

Upon clicking, users are directed to fraudulent websites that closely mimic the MoD site, prompting them to enter their NIC-provided login credentials. After doing so, users are redirected to a “login-error.html” page.

In an advisory, the NIC emphasized that both URLs mirror the official MoD website (www.mod.gov.in) to deceive users into thinking they are genuine.

The phishing campaign is primarily aimed at stealing NIC credentials from government officials to gain access to sensitive documents related to the Indian government.

Government employees have been advised to delete any suspicious emails immediately. Those who have already clicked on the phishing links should disconnect their computers from the internet, change their passwords, and ensure their operating systems are up to date.

The NIC also warned officials to be cautious of links shortened using techniques like Bit.ly and to disregard emails from untrustworthy sources, especially those containing spelling or grammatical errors.

This phishing attempt mirrors a similar campaign detected in June-July, which targeted the National Investigation Agency (NIA).