Some cyber criminals hacked into the pharmaceutical company Jindal Drugs Private Limited which led to them getting some information which they used to impersonate one of the company officials. After managing to impersonate the company official, the hackers then went on further to ask one of the clients represented by the company to make one urgent payment in the name of the company of about Rs4.27 crore. The hackers attacked the company’s accountant and sales department.
This incident marks the second time that the hackers have actually hacked into the JDPL’s systems. Back in August 2015, the company also suffered another cyber attack which also duped the company’s clients who are based in Delhi of about Rs5 lakh.
The hackers are believed to have been the same gang that acted on both incidents and they used the same methods too in both incidents. Fortunately, the client called the company before making any payments which meant that this time there was no money loss for anyone. However, the ease at which they have done this and without any security firewalls is worrying.
A police report noted that the event actually took place last month after the general manager of the legal department of the company, Sanjay Kekiti had registered a complaint with the local police officers. The main branch of the pharmaceutical company is at the Bakhtawarr building which is in Nariman Point.
One officer from the Marine Drive police station said that the hackers had managed to get into the system and gotten hold of the details of the clients. After that, they managed to create a fake email ID which could be linked to the pharmaceutical company and closely resembled that of the accountant and firm sales department. After that, they emailed the client and then demanded money. In the email, the group claimed that there was a problem with the usual bank accounts, therefore, the clients had to send money into the new accounts.
They were asking the people to make some immediate payments. The officer, who spoke on condition of anonymity also said that since the incident had taken place before, the company had asked all its clients to confirm before making any payments, and thankfully the client did which led to them being saved.
The police also said that the cyber criminals usually approach some poor people so that they can get identity documents in exchange for Rs 5,000. With the documents, the cyber attackers can then open some national bank accounts which they would use in their scams.