UP Cyber Fraud Alert: How Email Spoofing Cost HAL Kanpur Rs 55 Lakh

Reported By :

Last Updated:March 17, 2025, 15:32 IST

“This has been an eye-opener. We are implementing stringent measures to ensure this never happens again,” said an HAL executive

Uttar Pradesh has witnessed a surge in cyber frauds, targeting individuals, businesses, and even government institutions. (File)

In what can be termed as one of Uttar Pradesh’s (UP) most peculiar cyber fraud cases, Hindustan Aeronautics Limited (HAL), Kanpur, a crucial defence sector enterprise under the Ministry of Defence, has fallen prey to a sophisticated email scam, resulting in a loss of approximately Rs 55 lakh.

Officials investigating the matter said that cybercriminals executed the fraud by impersonating an American supplier and deceiving HAL officials into transferring the amount to their account.

MODUS OPERANDI

HAL Kanpur, engaged in manufacturing and overhauling fighter aircraft, regularly procures aviation parts from international suppliers. The cybercriminals targeted HAL’s transaction with P.S. Engineering Inc., USA, a supplier of aircraft components.

The fraudsters infiltrated HAL’s communication chain and created a deceptive email ID—jlane@ps-enginering.com, which closely resembled the supplier’s legitimate ID, gledbetter@ps-engineering.com.

Posing as the supplier, they directed HAL to transfer $63,405 (approximately Rs 55 lakh) to their bank account. Unaware of the deception, HAL officials processed the payment.

“We never imagined such a sophisticated fraud could bypass our security measures. It was only when the actual supplier inquired about the payment that we realised something was wrong," an HAL official stated.

DISCOVERY OF THE FRAUD

The fraud came to light when HAL officials followed up with P.S. Engineering Inc. about the shipment, only to learn that the company had never received the payment. Upon reviewing their email communications, HAL officials were stunned to discover they had been corresponding with a fraudulent email ID. “The realisation sent shockwaves through our team. We immediately suspected a cyber breach and reported the matter to the Cyber Police Station in Kanpur," said a senior HAL executive.

EMAIL SYSTEM COMPROMISED?

Investigators believe the cybercriminals had been monitoring HAL’s email exchanges for weeks, enabling them to time their attack perfectly.

“The precision with which the scammers executed their plan suggests they had access to HAL’s internal communications," said officials investigating the matter.

The cyber police, however, suspect it to be a case of email breach and have roped in experts from Indian Institute of Technology (IIT), Kanpur to analyse the attack. “We are examining whether malware was used to infiltrate HAL’s email servers," said Sunil Varma, in-charge of the Cyber Police Station. Varma said the initial investigations point to a sophisticated cyber operation.

INVESTIGATION UNDERWAY

Following the fraud, HAL’s Additional General Manager lodged a formal complaint, prompting an extensive investigation. “We have identified some leads and expect to make arrests soon. The fraudsters likely operated from outside India, which complicates the case, but we are working with international cybersecurity agencies to trace them," confirmed Varma.

STRENGTHENING CYBERSECURITY MEASURES

In response to the breach, HAL has introduced stricter protocols for financial transactions. The company now mandates video calls with vendors before authorising international payments, ensuring direct verification. Any change in bank details must undergo multi-level verification involving different departments and digital authentication.

Additionally, HAL has enhanced its email encryption to prevent unauthorised access and phishing attempts. Employees handling financial transactions will also undergo regular cybersecurity training to recognise and respond to potential threats.

Recognising the need for continuous monitoring, HAL is also working with cybersecurity firms to deploy AI-based fraud detection systems that can flag suspicious email activity in real time. “This has been an eye-opener," said an HAL executive. “We are implementing stringent measures to ensure this never happens again."

A CLASSIC CASE OF EMAIL SPOOFING

Cybersecurity expert Rakshit Tandon said, “Email spoofing and social engineering attacks are becoming more advanced. Companies must employ dual-verification processes and educate employees about phishing tactics."

The Indian government has been pushing for stronger cybersecurity infrastructure, particularly in defence and public-sector undertakings. However, there is a need for continuous vigilance. “We must not forget that we are dealing with criminals who adapt quickly," he said, calling HAL’s case a “classic case of email spoofing", where attackers manipulate email addresses to appear legitimate while intercepting sensitive communications.

WHAT IS EMAIL SPOOFING?

Tandon said it is one of the most deceptive forms of cyber fraud. “It exploits the trust organisations place in email communication, tricking employees into transferring funds to fraudulent accounts. In this case, the cybercriminals meticulously tracked HAL’s procurement process, mimicked the supplier’s correspondence style, and inserted themselves at a critical moment to redirect funds," he added.

He further emphasised that such attacks often go unnoticed until financial damage occurs. “Organisations need to verify every transaction independently, especially when payment details are altered," he added.

He said this is one of the most peculiar cases of email spoofing. “Many organisations fail to verify email credentials before executing large transactions, making them easy targets," he added.

OTHER CYBER FRAUDS IN UTTAR PRADESH

The HAL incident is not an isolated case. Uttar Pradesh has witnessed a surge in cyber frauds, targeting individuals, businesses, and even government institutions. In the past three years, Uttar Pradesh has recorded approximately 3 lakh cases of cyber frauds. The state consistently reports the highest number of such cases in India.

In 2023 alone, around 2 lakh cases of financial cyber fraud were registered in UP, making it the worst-affected state in the country. Cybercriminals are leveraging increasingly sophisticated techniques such as phishing, identity theft, and ransomware attacks to exploit vulnerabilities across sectors.