3 min read
A sophisticated banking scam is currently targeting Meezan Bank customers, raising serious concerns about data privacy and cybersecurity in Pakistan’s banking sector. Scammers are now using “Caller ID Spoofing” to make phone calls appear as if they are coming directly from the bank’s official helpline.
This alarming trend came to light on November 25, when Islamabad-based journalist Ammar Khan Yasir exposed a fraud attempt that nearly cost him his savings.
پاکستان کے سب سے بڑے بینک کا ڈیٹا لیک، سب احتیاط کریں،
بینک کے آفیشل نمبر سے کال، یہ کیسے ممکن؟ اسکیمرز سب جانتے؟
۔
۔
۔#ammarkhanyasir #meezanbank #scam pic.twitter.com/JUbuw2Lv1P— Ammar Khan Yasir (@ammarkhanyasir) November 23, 2025
Translation:
Data leak of Pakistan’s largest bank, everyone be careful. A call from the bank’s official number, how is this possible? Do scammers know everything?
The Incident: A “Verified” Call from Meezan Bank
The incident began when Yasir received a call from what appeared to be Meezan Bank’s official number. According to the journalist, the caller spoke with professional confidence and, shockingly, already possessed every single detail of his bank account.
The scammer’s objective was to trick the user into revealing the One-Time Password (OTP). This OTP was the final key required to empty the account within minutes. Fortunately, Yasir sensed something was wrong. He refused to share the code and recorded the call instead.
The most concerning aspect of this fraud is the source of the data. Yasir revealed that the specific ATM card the scammer attempted to use actually belonged to his wife.
Crucially, this card had a near-zero digital footprint. It was used only a few times a year and strictly at ATMs. The card had never been swiped at a Point of Sale (POS) machine, never used for online shopping, and never inserted at a shop.
Consequently, there was no logical way for the card’s information to be skimmed or hacked through normal usage. This led Yasir to conclude that the sensitive data was leaked from within the banking system itself.
Viral Response & Millions in Losses
After the incident, the clip Yasir posted on social media quickly went viral, amassing over two million views. Soon, his inbox was flooded with messages from other victims who were not as lucky.
Multiple users reported falling prey to the exact same tactic. Losses ranged significantly:
- Some lost between Rs. 10,000 and Rs. 20,000.
- Several victims lost between Rs. 200,000 and Rs. 300,000.
- One individual reported a staggering loss of Rs. 1.6 million.
کل میں نے ایک ویڈیو بنائی تھی جس میں بتایا تھا کہ مجھے میزان بینک کے آفیشل نمبر سے کال آئی، اور کال کرنے والا میرے بینک اکاؤنٹ کی ساری تفصیلات بتا کر مجھ سے OTP مانگ کر صفایا کرنا چاہتا تھا ، اسے بینک اکاؤنت کی ساری تصیلات پہلے سے پتا تھی
میں نے وہ کال ریکارڈ کی، ویڈیو بنائی… pic.twitter.com/d7N5FYgy9N— Ammar Khan Yasir (@ammarkhanyasir) November 24, 2025
Meezan Bank Responds
Following the viral outcry, Meezan Bank’s headquarters contacted the journalist on the morning of November 26. The bank stated that they are taking the matter seriously. They also expressed a desire to collaborate with Yasir to better educate the public regarding these frauds.
In response, Yasir advised the bank to deploy cybersecurity experts rather than just PR representatives. He emphasised that the public needs to understand the technical mechanisms of these scams, specifically how spoofing works, to effectively protect themselves.
How to Stay Safe
This incident proves that scammers are becoming more sophisticated. Even the most cautious users can be fooled by spoofed official numbers. Please remember these safety rules:
- Don’t Trust Caller ID: Scammers can easily mimic official bank numbers.
- Guard Your Data: Never share your CNIC, ATM PIN, or account details over the phone.
- The OTP Rule: Your bank will never ask for an OTP. This code is your personal security line. Sharing it guarantees financial loss.
