wordpress blog stats
Connect with us

Hi, what are you looking for?

Government officials targeted by malicious web link seeking vaccination status: Report

In a phishing attempt, several government officials were targeted by a malicious web link asking them to update their vaccination status, The Hindu reported on Wednesday. These links were sent by WhatsApp, SMS, and email and Defence Ministry officials were among those targeted, the report added.

The messages on WhatsApp and on SMS were formatted in a manner that made it seem that it was sent by the Ministry of Health and Family Welfare. It read, “As per directives of MoHFW, confirm your COVID status on https://covid19india.in and generate your vaccination certificate.”

When clicked on the link, it directed users to a “@gov.in” website that resembled the official government website “mygov.in.” On the fake page, users were asked to entire their official e-mail and password, the report stated.

Defence Ministry officials targeted

In an email to a Defence Ministry official, a Google drive link was shared in the pretence that the information was being collected regarding post-vaccination measures as part of an awareness drive. However, the link was actually a phishing attempt to access official e-mails and correspondence, the report stated.

Some officials also received phone calls from someone claiming to be from an Army Hospital and asked the official to update vaccination status by clicking on the link shared on WhatsApp, the report stated. However, phishing attempts were thwarted because the officials were sensitised to not click on the link, the report added.

Advertisement. Scroll to continue reading.

Adding to the list of cyber attacks targeting the government

Last month, Air India (AI), the government’s erstwhile jewel in the sky, reported a massive data breach that compromised the personal details and information of 4.5 million customers. It is one of the most significant data breaches in recent history given that customer information stored for nearly a decade was compromised.

Earlier in March, the Indian Computer Emergency Response Team (CERT-In) issued an alert to the Ministry of Road Transport and Highways on Sunday regarding “targeted intrusion activities” with “possible malicious intentions” aimed at the Indian transport sector. This alert came a few days after CERT-In revealed that it received 26,121 reports of Indian websites being hacked in 2020, of which 59 websites belonged to central ministries/departments or to state governments.

In the months before this alert, there were several cybersecurity incidents on Indian government domains. Attackers previously used compromised government emails ending in @gov.in or @nic.in to carry out phishing scams targeting officers and luring them into sharing sensitive information. The devices of multiple former defence personnel were found to be compromised by this attack.

In February, Recorded Future, an American company that studies the use of the internet by state actors, uncovered a Chinese state-sponsored cyberattack that was targeting India’s electricity grid and power distribution systems. According to Recorded Future, Red Echo, the organization behind the attack, deployed malware known as ShadowPad. The attack was linked to the unexpected power outage that hit Mumbai in October 2020, but the government has denied any connection. The government, however, said that it is aware of ShadowPad, and has taken appropriate steps against it.

Last June, the National Highway Authority of India (NHAI) suffered a ransomware attack, although NHAI said that the attack was foiled and no data was lost.

Also Read

Advertisement. Scroll to continue reading.

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ