Phishing attack targets PSPCL officials

Phishing attack targets PSPCL officials

Kanwar Inder Singh/ royalpatiala.in News/ September 3,2023

All employees of Punjab state power corporation limited (PSPCL) were targeted in a phishing campaign on August 30,2023, with the attackers using compromised PSPCL domain email accounts to launch their hacking attempts, according to powercom official and email seen by royalpatiala.in

A phishing attack was done and an email was sent to PSPCL officials from ae-ds-bhawanigarh with a message “we have been directed to inform that PSPPCL system will not be available from 30-Aug-2023 to 15-Sep-2023. During this period, we will upgrade the system. To avoid your account been deleted CLICK HERE to update record. Regards!! PSPPCL Support”

As per PSPCL chief engineer (IT), “the attack started from a Bhawanigarh sub-division and the IT department of the powercom controlled it immediately before any damage done to the PSPCL or its data.”

PSPCL, superintending engineer (IT) Gagan Chopra said” the Phishing attack was made at around 3:30 am in the morning on August 30,2023 and by 5:00 am we came to know about this. We immediately came into action and altered the Bhawanigarh sub-division staff to not to open the computing system and our experts managed it properly. Moreover PSPCL data is safe and is well protected from any cyber , phishing attack.”

The PSPCL Helpdesk issued an alert soon after the attack, although it isn’t clear at this time whether any of the targeted computers were compromised.

As per sources, as soon as the matter came into the notice of PSPCL officials, they immediately altered the staff and asked them to not to click the ‘click button’. The PSPCL Helpdesk sent a mail to its users with a caution “in view of the above, it is requested to all the E-mail users to delete this mail immediately and not to click on the link mentioned in the body. After clicking on the link, a form will be opened which asks the password and other details. But, it is reiterated that it is not initiated by PSPCL Data Centre Team and PSPCL system will be available without any downtime. So, please delete the mail sent by ‘[email protected]’. If anybody has filled the form after opening the link, please reset your password immediately, otherwise contact PSPCL Helpdesk team to get it reset.”

What Is Phishing Attack?

Phishing attacks are the practice of sending fraudulent communications that appear to come from a reputable source. It is usually done through email. The goal is to steal sensitive data like credit card and login information, or to install malware on the victim’s machine.