Citizens are being targeted by cybercriminals impersonating the Office of Commissioner Police Department through fraudulent emails, falsely accusing recipients of cybercrime offenses.
The National Computer Emergency Response Team (CERT) has warned that this phishing campaign aims to instill fear and manipulate individuals into revealing personal and financial information. The advisory highlights multiple red flags, indicating that the attack is part of a broader social engineering scam.
The fraudulent emails pressure recipients to respond within 24 hours by threatening legal action, arrest, media exposure, and blacklisting. National CERT identified major inconsistencies in the emails, including the fact that no “Commissioner Police Department” exists in Pakistan.
The emails also cite Indian laws, such as the POCSO Act 2012 and Sections 67A and 67B of the IT Act, which do not apply to Pakistan. Additionally, the scam operates through a fake domain (officereportcrime.org), instead of an official .gov.pk address, and falsely claims affiliation with the National Highway & Motorway Police, an agency that does not handle cybercrime cases.
The advisory outlines key risks associated with the scam, including identity theft, financial fraud, credential theft, and data breaches. Victims who respond may unknowingly provide sensitive information that cybercriminals can exploit. Attackers use intimidation and urgency to manipulate recipients, increasing the likelihood of fraudulent success. The scam also poses a risk to organizations, as compromised employee accounts could expose entire corporate networks to cyberattacks.
National CERT has issued recommendations to counter the threat, advising individuals not to respond to suspicious emails, verify sender authenticity, enable multi-factor authentication (MFA), and report phishing attempts to authorities. Organizations have been urged to conduct security awareness training, implement email security protocols, and deploy advanced threat detection measures. Monitoring network traffic for anomalies and maintaining an incident response plan are also crucial steps in preventing cyber fraud.
The advisory calls for long-term measures, including regular cybersecurity audits, public awareness campaigns, and updates to policies combating phishing scams. Strengthening legal frameworks and adopting a zero-trust security approach could help mitigate future threats. National CERT has urged individuals and organizations to remain vigilant, report suspicious activity, and take proactive measures to safeguard against phishing attacks.
Stay Connected with ProPakistani
Get the latest tech news, telecom insights, and product launches wherever you prefer.
Add ProPakistani to Preferred Sources and see more of our stories in Google Search and Top Stories.
