wordpress blog stats
Connect with us

Hi, what are you looking for?

Government officials targeted by malicious web link seeking vaccination status: Report

In a phishing attempt, several government officials were targeted by a malicious web link asking them to update their vaccination status, The Hindu reported on Wednesday. These links were sent by WhatsApp, SMS, and email and Defence Ministry officials were among those targeted, the report added.

The messages on WhatsApp and on SMS were formatted in a manner that made it seem that it was sent by the Ministry of Health and Family Welfare. It read, “As per directives of MoHFW, confirm your COVID status on https://covid19india.in and generate your vaccination certificate.”

When clicked on the link, it directed users to a “@gov.in” website that resembled the official government website “mygov.in.” On the fake page, users were asked to entire their official e-mail and password, the report stated.

Defence Ministry officials targeted

In an email to a Defence Ministry official, a Google drive link was shared in the pretence that the information was being collected regarding post-vaccination measures as part of an awareness drive. However, the link was actually a phishing attempt to access official e-mails and correspondence, the report stated.

Some officials also received phone calls from someone claiming to be from an Army Hospital and asked the official to update vaccination status by clicking on the link shared on WhatsApp, the report stated. However, phishing attempts were thwarted because the officials were sensitised to not click on the link, the report added.

Advertisement. Scroll to continue reading.

Adding to the list of cyber attacks targeting the government

Last month, Air India (AI), the government’s erstwhile jewel in the sky, reported a massive data breach that compromised the personal details and information of 4.5 million customers. It is one of the most significant data breaches in recent history given that customer information stored for nearly a decade was compromised.

Earlier in March, the Indian Computer Emergency Response Team (CERT-In) issued an alert to the Ministry of Road Transport and Highways on Sunday regarding “targeted intrusion activities” with “possible malicious intentions” aimed at the Indian transport sector. This alert came a few days after CERT-In revealed that it received 26,121 reports of Indian websites being hacked in 2020, of which 59 websites belonged to central ministries/departments or to state governments.

In the months before this alert, there were several cybersecurity incidents on Indian government domains. Attackers previously used compromised government emails ending in @gov.in or @nic.in to carry out phishing scams targeting officers and luring them into sharing sensitive information. The devices of multiple former defence personnel were found to be compromised by this attack.

In February, Recorded Future, an American company that studies the use of the internet by state actors, uncovered a Chinese state-sponsored cyberattack that was targeting India’s electricity grid and power distribution systems. According to Recorded Future, Red Echo, the organization behind the attack, deployed malware known as ShadowPad. The attack was linked to the unexpected power outage that hit Mumbai in October 2020, but the government has denied any connection. The government, however, said that it is aware of ShadowPad, and has taken appropriate steps against it.

Last June, the National Highway Authority of India (NHAI) suffered a ransomware attack, although NHAI said that the attack was foiled and no data was lost.

Also Read

Advertisement. Scroll to continue reading.

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



The US and other countries' retreat from a laissez-faire approach to regulating markets presents India with a rare opportunity.


When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.


The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.


In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...


By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...

You May Also Like


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ