These domains can be used to launch spear phishing attacks against the Armed Forces, warns MoD communique

The Ministry of Defence (MoD) has identified about a dozen fake internet domains of official establishments that have supposedly been set up by Pakistani operatives and could be used to target defence personnel.

“It has been observed that few websites have been registered under ‘.in’ domain which are originally hosted by Pakistan-based malicious actors. These websites are hosted to trap Indian defence personnel,” a communique issued by the defence ministry recently states.

“Further research at national levels is in progress to identify more such domains. These domains can be used to launch spear phishing attacks against the Armed Forces,” the communique adds.

The said websites are related to pay, accounts and welfare matters and bear such names likecoordbranch.in,ksb.csl.in,cgda.csl.in,coorddesk.in,e-admin.inandadmindesk.in, which could be used to extract sensitive information.

The MoD has advised users to block the malicious URLs at perimeter security devices and sensitise all personnel about the phishing campaigns originating from these domains and ensure that they do not enter their NIC login credentials on these sites.

Any suspicious emails are to be forwarded to designated cyber security teams, without clicking on any link or opening any attachments, for forensic analysis and further guidelines and thereafter such emails are to be deleted from all folders.

The use of malware, bots and viruses via fake portals and emails is becoming increasingly common and there have been several instances where defence establishments and personnel have come under cyberattack through websites and social media apps.

Personal information and service details of individuals that could be used for manipulation or blackmail, official records and other operational or sensitive information are targets of cyberattacks.