After HAL loses ₹55L to ‘phishing’ net, police reach out to Interpol
Police authorities hope that this collaboration of theirs with the ministry and other agencies will help them bring the perpetrators to justice
Days after Hindustan Aeronautics Limited (HAL) lost ₹55 lakh to a phishing attack, the state police’s crime branch shot off an urgent email, with crucial information about the fraud, to the Interpol, Union ministry of external affairs, and Reserve Bank of India, said deputy commissioner of police (DCP)-Crime Ashish Srivastava.
Information shared by the crime branch included screenshots of email exchanges, details of a New York-based bank account used by the fraudsters, and the fake domain name and email ID used to deceive the state-run aerospace manufacturer, the DCP added.
Police authorities hope that this collaboration of theirs with the ministry and other agencies will help them bring the perpetrators to justice. Also, experts from IIT Kanpur were being consulted to assist with the technical aspects of the investigation, the official said.
The fraud took place when the scammers, who were pretending to be a US-based company, tricked HAL’s Kanpur division into paying them ₹55 lakh or 63,405 USD in return for fighter jet parts.
The fraud came to light when HAL, which is responsible for manufacturing, overhauling, and servicing several types of transport aircraft, did not receive the parts it had ordered last year. An FIR was filed by Ashok Kumar Singh, the additional general manager of HAL’s transport aircraft division (TAD), on Saturday.
On May 3, 2024, HAL meant to place an order for the parts with P.S. Engineering Inc, a US-based company. However, unknown to HAL, the cybercriminals were closely monitoring the transaction and created a fake email address that closely resembled the legitimate email address of P.S. Engineering. By simply changing letter ‘E’ in the domain name, the criminals tricked HAL into transferring the funds to a fraudulent account based in New York.
Despite the payment being made, the parts never arrived, prompting HAL officials to reach out to P.S. Engineering Inc. When they discovered that no payment had been received by the American company, HAL realised that it had been scammed.
Additional DCP-Crime Branch Anjali Vishwakarma, who is handling the investigation, said there was the possibility of an insider threat, as both HAL and P.S. Engineering Inc. were involved in the communication chain. “We are not ruling out the possibility of an insider threat. Cybercriminals can exploit any vulnerability in a company’s security system, and we are working to uncover where the breach occurred,” Vishwakarma said.
Also, experts from the anti-cyber crime department have also written to the internet service provider (ISP) in the US, asking how it registered and authenticated the domain name and email IDs of a fraudulent company. According to another senior crime branch official, the ISP had been in communication with HAL as well, raising suspicions that an employee from the provider might be involved in the scam.
HAL has been asked to provide the email header, which contains the technical details of the sender, recipient, subject, and message.
The investigation team has also reached out to the Indian Cyber Crime Coordination Centre (I4C) and the Indian Computer Emergency Response Team (CERT-In), which specialises in dealing with phishing attacks.
