National Telecom and Information Technology Security Board (NTISB) has issued a stern warning to the Federal Board of Revenue (FBR) that fresh cyberattacks are expected on the FBR’s IT systems to obtain confidential information available with the FBR.
The NTSIB issued a warning to the FBR on Wednesday to prescribe precautionary measures for the FBR employees handling IT systems, computers, and guardians of the taxpayers’ databases.
Through a new letter, the NTISB has warned the FBR that government job advertisement-related emails are being sent to unrestricted users by hackers with the purpose to acquire confidential information and a potential cyberattack on government institutions.
A phishing email with the subject “Govt Jobs/ Recruitment” which contains a malicious Word document as an attachment is being spread by hackers. On downloading the attachment, a malware runs in the background. It is a spear-phishing attack conducted by Confucius APT Group to gather information at a large scale through a biodata form.
On downloading the malicious email attachment, an individual’s computer/ device is compromised and the hacker gains access to all the stored data. End users are urged to abstain from downloading attachments or clicking links sent via such enticing emails in order to protect their personal information, NTISB added.
On Wednesday, the Pakistan Revenue Automation Limited (PRAL), the IT arm of the FBR, also issued an advisory notice to the FBR on prevention of fake FBR emails.
PRAL instructed the FBR employees to strictly follow the FBR-approved IT Security Policy. The employees were asked not to open attachments in suspicious emails especially Word, Excel, PowerPoint, or PDF attachments. The FBR employees were further asked to verify the senders by checking their email addresses. PRAL also warned FBR employees to be careful when providing personal information and asked not to provide credentials to third parties.
Other recommendations said that all sensitive information should be handled with care and dissemination of such information should be done through secure means. Employees were also asked to change the passwords of their respective accounts regularly. The advisory asked employees to contact the local PRAL technical support team for any assistance.
It further said that in case an employee’s computer system is compromised, the employee should disconnect the computer from the internet and immediately contact the PRAL Technical Support Team.