Fraudsters Have Found a New Way of Hacking Pakistani Bank Accounts

Fraudsters in Pakistan have found a new way of tricking innocent Pakistani banking customers who use SMS banking services. These fraudsters are sending SMS messages to customers of different banks telling them that their SMS subscription has ended (when in fact they have not).

The fraudsters tell the users that they must enter their account information to continue receiving FREE alerts about their bank accounts.

Previously these fraudsters used to send emails asking bank customers to change their password, but this new method is apparently more triggering and dangerous as users may soon update their SMS alert status by giving out critical information to fraudsters.

Just have a look at the below SMS that was received by one HBL customer:


Now this message, that apparently came from HBL, is masked, a technique to fool people into believing that it came from legitimate sources.

Read More: What are masked text messages?

Unsuspecting customers who fall prey to this scam, are directed to go to this website ( and enter all their account details (including mother name, CNIC, ATM card number, PIN etc.).

In actuality, they are exposing their details to fraudsters who will use the same detail to empty their accounts.

Not to mention, Pakistani bank account holders have been victim of ATM skimming and other hacks that ultimately lead to illegitimate withdrawal of their funds.

Also Read:

Clearly, Pakistani bank and law enforcement authorities have failed several times in safeguarding the bank accounts of customers. In fact such fraudsters are still going scot-free and indulging in these heinous practices, secure in the belief that there’s apparently no one to stop them.

What Customers Must Do Before Entering their ATM Card Number / PIN

Bank customers are requested to keep these things in mind.

Please note that no bank will ask you for ATM card number or PIN numbers through their websites.

Customers also need to learn that not every website could be the official website of their bank. Make sure that the website they are submitting any data to — if they must — is the official website.

Don’t give away information to any one (on a website, SMS or call) without verifying that they are legitimate and official communication points.

  • Dear Aamir,
    How the hell some one can get masked number on the name of HBL? Is it so easy get this type of number in Pakistan?

  • I disagree with this… “Please note that no bank will ask you for ATM card number or PIN numbers through their websites.” One of the examples is that if you want to increase your online transfer limit on UBL, you have to enter the ATM card number.

  • WhoIS lookup of
    Registrar URL:
    Update Date: 2016-09-22T01:58:20Z
    Creation Date: 2016-09-22T01:58:20Z
    Registrant Name: MUHAMMAD ARIF
    Registrant Organization:
    Registrant Street: G9 MARKZ SILAMABAD
    Registrant City: ISLAMABAD
    Registrant State/Province: PUNJAB
    Registrant Postal Code: 44000
    Registrant Country: PK
    Registrant Phone: +92.111425111
    Registrant Phone Ext:
    Registrant Fax:
    Registrant Fax Ext:
    Registrant Email: [email protected]

  • First of all banks send alerts via short codes not with a masking, and anyone inside or outside Pakistan can send this kind of branded sms without any filters(And Warid’s filter system is weak and receives any other SMS without verification).

    Secondly, One couldn’t receive an SMS from shortcode without any filtration process, each and every sms gets whitelisted first and then the end user receives it.

    3rd: Message Ali? looks shady like someone trying to make a news forcefully, I don’t see any major data on domain, not on and also no data on

  • Lemme clear,

    HAr jagah safarishi banday kaam nahi karsaktay so, you need IT professionals having good expertise in Information Security & Cyber Security.

  • [email protected] is a good of hacker
    Do you need hackers for hire? Do you need to keep an eye on your
    spouse by gaining access to their emails? As a parent do you want
    to know what your kids do on a daily basis on social networks
    ( This includes facebook, twitter , instagram, whatsapp, WeChat and others to make sure
    they’re not getting into trouble? Whatever it is, Ranging from Bank Jobs, Flipping cash,
    Criminal records, DMV, Taxes, Name it,he will get the job done.He’s a professional hacker wi
    20 Years+ experience. Contact
    [email protected]
    . Send an email and Its done. Its
    that eas

  • close