New Delhi: Wipro, India's fourth largest IT giant was hit by an advance cyber phishing attack on Tuesday. Wipro admitted that they are investigating a phishing attack on its computer system. Which is a big cyber-attack on such a big tech firm. 

A statement from Wipro Limited said, “We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign. Upon learning of the incident, we promptly began an investigation, identified the affected users, and took remedial steps to contain and mitigate any potential impact." 

“We have also retained a well-respected, independent forensic firm to assist us in the investigation. We continue to monitor our enterprise and infrastructure at a heightened level of alertness,” the statement said. 

KrebsOnSecurity, a cybersecurity portal has reported the breach in the IT systems of Wipro. According to this web portal, Wipro was dealing with multi-month intrusion from an assumed state-sponsored attacker and that its systems were seen being used as jumping-off points for digital fishing expeditions targeting at least a dozen Wipro customer systems. 
According to the portal, Wipro was building a new private email network as the company believed that the attackers had breached their email system. 

Jhon Page, a security researcher told that hackers can use an unpatched exploit in the web browser like Internet Explorer to spy on windows users and steal data from their computers. 
Unpatched exploit means an unintended flaw in any software coding which exposes it to any potential hacker or any malicious code like virus, worm, trojan. 

According to a security firm Sophos 76% organisation in India were hit by cyber-attacks last year compared to 68% all over the world. 

Wipro spokesperson said that the company received 4.8 million alerts from its cybersecurity team on potential breaches in its systems in the last fiscal year. 

Wipro CEO Abid Ali Neemuchwala said, “Customers were informed to make sure there would be no impact on them.” 

What is phishing? 

Phishing is a type of cyber-attack often used to steal user data, including login credentials, credit card numbers and other personal data. It is carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website, the look and feel of which are identical to the legitimate site.