The National Informatics Centre (NIC), an autonomous body under MeitY that oversees government's IT infrastructure, has issued a nationwide advisory, warning central and state government employees of phishing attacks targeting their official email accounts.
The NIC advisory, issued in March 2025 and accessed by Moneycontrol alerted all government departments on how to mitigate such cyber-attacks.
Through phishing, threat actors attempt to steal money, or identity, by getting one to reveal personal information such as credit card details, bank information, or passwords through websites that pretend to be legitimate.
Government employees in India are mandated to use email ids with domain names ending with @nic.in or @gov.in. Attackers have been found to take over such compromised accounts and send phishing emails to officials in the government, or they have been also found to email from ids which sound or look similar to @nic.in or @gov.in.
Phishing Red Flags
"If an email message has obvious spelling or grammatical errors, it might be a scam - e.g. nic.in where the first "i" has been replace by "1", or gov.in where the "o" has been replaced by "0"," the NIC said in the advisory.
The advisory also urged officials to be suspicious of emails which urge that "you must click, or call or open an attachment immediately or urgently".
"Images of text used in place of text (in messages or on linked web pages) may be scam," it added.
Advisory Against Cyber Attacks
In its advisory, NIC has also detailed specific steps to be followed if a user receives or interacts with a phishing email.
Officials have been instructed not to enter their NIC login credentials if redirected to a suspicious login page, and to delete such phishing emails from their inboxes immediately. If a user has already clicked on a phishing link, NIC advises that the affected device should be taken offline, by disabling the internet connection.
The user must then change the passwords of any accounts that may have been compromised, and this should be done using a different device to ensure that the attacker does not gain access to the new credentials.
To prevent potential data loss, users are advised to back up their files to an external hard drive or USB. The device in question should be scanned using antivirus tools, and the operating system, web browsers, and all other installed software should be updated with the latest security patches.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
