ISLAMABAD: The National Telecom and Information Technology Security Board (NTISB) has warned the Federal Board of Revenue (FBR) that hackers are sending government job advertisement-related emails to acquire confidential information of the FBR.
In this connection, the NTISB has issued a warning to the FBR, here on Wednesday.
According to a communication of the NTISB to the FBR, the NTISB has warned the FBR that government job advertisement-related emails are being sent to unrestricted users by hackers with the purpose to acquire confidential information and a potential cyber-attack on government institutions.
A phishing email with the subject “Govt Jobs/Recruitment” which contains a malicious Word document as an attachment is being spread by hackers. On downloading the attachment: a malware runs in the background. It is a spear-phishing attack conducted by Confucius APT Group to gather information at a large scale through a bio-data form.
On downloading the malicious email attachment, an individual’s computer/device is compromised and the hacker gains access to all the stored data/files. End users are urged to withhold from downloading attachments or clicking links sent via such enticing emails in order to protect their personal information, it added.
The Pakistan Revenue Automation Limited (Pral) has issued an advisory notice to the FBR on the prevention against fake FBR emails. The PRAL has recommended the FBR that the FBR approved IT Security Policy must be strictly followed. A copy can be obtained from FBR IT Wing. The FBR employees do not open attachments in suspicious or strange emails especially Word, Excel, PowerPoint, or PDF attachments.
The FBR employees should verify the sender by checking their email address. Call the sender if you have high suspicion. Check the link, before you click, makes sure the links start with HTTPS:// and not HTTP://.
The Pral has also warned FBR employees to be careful when providing personal information, never provide your credentials to third parties. Do not rush or panic reacts, scammers use this in order to pressure you into clicking links or opening attachments. If you gave sensitive information, do not panic. Reset your credentials on sites you have used them. Change your passwords and contact your bank, etc. immediately. Preferably delete the suspicious email without opening it and manually block the sender. Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of any intrusion. It is highly recommended that the computer system must be registered with LAN’s Active Directory server.
All sensitive information must be handled with care and dissemination to all concerned be done through secure means. Change the passwords of your respective accounts regularly. Always memorize the passwords, never write them. Maintain regular offline backups or centralized offline backups of your critical data. Be aware of pop-ups in internet browsers or desktop screens and never enter confidential information on a pop-up screen. Contact your local Pral technical support team for any assistance, Pral maintained. In case of infection/compromise in your computer system, the FBR employees should disconnect the computer from the Internet and immediately contact the Pral technical support team, the Pral added.
Copyright Business Recorder, 2022