NEW DELHI— Pakistan’s digital economy is facing a severe crisis amid a wave of cyber scams, data breaches, and online financial fraud, with criminals exploiting online banking platforms and deceptive investment schemes to defraud unsuspecting users, according to a report.
The scope of the problem is staggering. Between 2020 and 2024, Pakistan’s Federal Investigation Agency (FIA) received more than 722,000 cybercrime complaints. Yet fewer than 10 percent were formally investigated, and only 152 cases resulted in convictions. In 2024 alone, more than 13,000 complaints of online financial fraud led to 1,212 arrests, but just 17 verdicts were delivered, highlighting inefficiency and a systemic failure of justice and deterrence, Islam Khabar reported, citing journalist Khaalid Hanif.
The financial sector has also borne the brunt. In the first quarter of 2024, the State Bank of Pakistan fined eight major banks over PKR 776 million for lapses in anti-money laundering, due diligence, and fraud risk protocols. The Banking Mohtasib resolved nearly 28,000 digital fraud complaints that year, with PKR 1.65 billion in restitution. However, these recoveries pale in comparison to unrecovered losses and the growing erosion of consumer trust.
The report noted that digital fraud in Pakistan has evolved into an organized, industrial-scale operation. In July 2025, the National Cybercrime Investigation Agency (NCCIA) dismantled a large Ponzi scheme based out of a Faisalabad call center, arresting 149 suspects, including foreign nationals. Meanwhile, the Securities and Exchange Commission of Pakistan flagged 141 illegal lending apps exploiting platforms like Facebook and WhatsApp, many of which reappeared under new names despite regulatory takedowns.
A 2024 Pakistan Cybersecurity Council report found that more than 60 percent of companies in the country had failed to implement basic protections such as encryption and multi-factor authentication. International institutions have also raised concerns about Pakistan’s cyber vulnerabilities.
Despite efforts including the Prevention of Electronic Crimes Act (PECA) 2016, the National Cybersecurity Policy 2021, and the creation of the Digital Rights Protection Authority in 2025, Pakistan’s response has been described as fragmented. Jurisdictional turf wars between the FIA and NCCIA have caused confusion over investigative authority, further weakening enforcement.
With only 350 cybercrime investigators handling more than 160,000 cases nationwide, each officer faces an average caseload of about 6,000 complaints a year. Some provinces have as few as two digital locators and five forensic vehicles. The judiciary also lacks the technical training, specialized benches, and clarity on digital evidence needed to prosecute complex cybercrimes, the report said.
Pakistan’s digital infrastructure is equally at risk. The Pakistan Telecommunication Authority’s Cybersecurity Report 2024–25 recorded a 17 percent increase in attacks on critical systems, while phishing incidents surged 173 percent globally and mirrored trends at home.
Although the CTDISR-2025 initiative introduced stronger security protocols, compliance has remained patchy and limited largely to major telecom operators. Sector-specific CERTs for banking and government are still in their infancy, and incident response capacity remains underfunded, the report concluded. (Source: IANS)
