Campaigns
Phishing Attack Causes Power Outage

Phishing Attack Causes Power Outage

TAPAirPortugalPortugal Cyber AlertSpain CybersecurityApril2025CyberAttackPortugal and Spain Phishing Attack
A phishing campaign abusing the brand of Portugal's national airline TAP Air Portugal took advantage of the widespread power outage that occurred in Spain and Portugal on 28 April 2025. In a concerted effort to obtain personal and financial information, the perpetrators employed deceptive tactics by disguising fake refund requests as notifications of flight cancellations, ostensibly due to the outage. This incident highlights the power of social engineering attacks in times of crisis.

Indicators of Compromise

No domains found for this campaign

Campaign Guidance

Remediation, mitigation, notes, history and related intelligence

REMEDIATIONS


Attack Vector

Email (mass phishing)

Phishing Technique

Brand impersonation (TAP Air Portugal)

Social Engineering

Crisis exploitation (blackout-related flight refunds)

Delivery Method

HTML-formatted emails with embedded links to phishing pages

Target Sectors

Airline & Travel, Finance, Consumer, Telecom

Targeted Data

Full names, emails, payment card details, login credentials

Phishing Infrastructure

Spoofed domains mimicking TAP Air Portugal refund portal

Indicators of Compromise

[To be filled with specific domains/IPs if detected in monitoring systems]

Observed Countries2

ES (532)
PT (187)