The National Telecom and Information Technology Security Board (NTISB) has issued a strong warning to the Federal Board of Revenue (FBR) that new cyberattacks on the FBR’s IT systems are expected in order to collect secret information.
NTSIB issued a warning to the FBR
On Wednesday, the NTSIB issued a warning to the FBR, recommending that staff handling IT systems, computers, and guardians of taxpayer databases take preventative measures.
The NTISB has alerted the FBR in a new letter that hackers are sending government job advertisement-related emails to unconstrained users in order to obtain confidential information and launch a cyberattack on government organizations.
Govt Jobs/ Recruitment
Hackers are spreading a phishing email with the subject “Govt Jobs/ Recruitment” that contains a malicious Word document as an attachment. A Trojan executes in the background when you download the attachment. Confucius APT Group used a spear-phishing assault to collect information on a massive scale using a biodata form.
An individual’s computer/device is compromise when they open the infect email attachment, and the hacker gains access to all store data. To protect their personal information, end users are advise not to open attachments or click links supply via such appealing emails, according to NTISB.
On Wednesday, the FBR’s IT arm, Pakistan Revenue Automation Limited (PRAL). Issued an advising notice to the FBR on how to avoid false FBR emails.
PRAL urged FBR staff to closely adhere to the IT Security Policy authorized by the FBR. Employees were instruct not to open attachments in suspicious emails, particularly those containing Word, Excel, PowerPoint, or PDF files. Employees of the FBR also order to double-check the senders’ email addresses. PRAL also cautioned FBR personnel about disclosing personal information to third parties and asked them not to do so.
Sensitive information should be handle with caution
Other recommendations said that all sensitive information should be handle with caution. And that such material should be disseminate using secure methods. Employees also encourage to change their passwords on a regular basis. Employees should seek assistance from the local PRAL technical support team, according to the advice. It further stated that if an employee’s computer system is hack. The employee should immediately disconnect the machine from the internet and call the PRAL Technical Support Team.