
Phishing Attack Causes Power Outage
TAPAirPortugalPortugal Cyber AlertSpain CybersecurityApril2025CyberAttackPortugal and Spain Phishing Attack
A phishing campaign abusing the brand of Portugal's national airline TAP Air Portugal took advantage of the widespread power outage that occurred in Spain and Portugal on 28 April 2025. In a concerted effort to obtain personal and financial information, the perpetrators employed deceptive tactics by disguising fake refund requests as notifications of flight cancellations, ostensibly due to the outage. This incident highlights the power of social engineering attacks in times of crisis.
Indicators of Compromise
No domains found for this campaign
Campaign Guidance
Remediation, mitigation, notes, history and related intelligence
REMEDIATIONS
Attack Vector | Email (mass phishing) |
Phishing Technique | Brand impersonation (TAP Air Portugal) |
Social Engineering | Crisis exploitation (blackout-related flight refunds) |
Delivery Method | HTML-formatted emails with embedded links to phishing pages |
Target Sectors | Airline & Travel, Finance, Consumer, Telecom |
Targeted Data | Full names, emails, payment card details, login credentials |
Phishing Infrastructure | Spoofed domains mimicking TAP Air Portugal refund portal |
Indicators of Compromise | [To be filled with specific domains/IPs if detected in monitoring systems] |
Observed Countries2
ES (532)
PT (187)