A defence-linked government body has issued an advisory warning of a phishing email campaign circulating with varied subject lines and password-protected attachments that could pose a risk to official IT systems and sensitive data, according to a document seen by Moneycontrol.
The advisory, issued on February 20, cautions officials against opening links or downloading attachments from unknown or suspicious sources and instructs them not to reply to or forward such emails.
"It has been observed that a phishing email is currently being circulated, bearing varying subject lines (such as "Operational Deployment during the year", "Control Room 29 BN", "Digital Notice Board Solution", etc.) and containing password protected attachments or similar variants. Such emails are suspected to be malicious in nature and may pose a risk to the security of official IT systems and data," the advisory read.
The advisory was issued by the Controller General of Defence Accounts (CGDA), the defence finance and accounts authority responsible for managing payroll, pensions and financial oversight for the armed forces and defence establishments.
The organisation oversees a vast digital and administrative network handling sensitive financial and personnel data, making it a critical target for cyber threats.
Officials have been asked to immediately report any such messages along with technical details such as the sender's email address, subject line, time of receipt and attachment information to enable further action.
Those who may have inadvertently interacted with the emails have been advised to change their passwords without delay and inform authorities to help mitigate potential damage.
"Any inadvertent interaction with such an email (opening of attachment/clicking of link) should be reported without delay to enable timely mitigation. In such instances, it is advised to change the email passwords immediately," the advisory read.
The warning comes amid a broader rise in phishing and malware campaigns targeting government departments and public institutions in India.
In recent months, multiple ministries and agencies have stepped up cyber vigilance measures as attackers increasingly use password-protected files and official-looking subject lines to bypass email security filters and trick recipients into opening malicious content.
The advisory also directs senior officials to sensitise staff under their administrative control and ensure strict compliance with the instructions in the interest of safeguarding official IT systems and data.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
