The Pakistan Telecommunication Authority (PTA) has issued a serious warning that fake job offers from alleged Indian linked entities are being used to ensnare unsuspecting Pakistanis and extract sensitive personal and institutional information. The ruse is being used to harvest data via deception, with implications for national security.
According to PTA sources, these campaigns often begin with job listings on LinkedIn, regional portals, or social media platforms. Applicants, especially youth, freelancers, or professionals seeking overseas opportunities, are lured into WhatsApp or Telegram “recruitment hubs.”
Once inside, they may be instructed to share selfies, IDs, location data, and even operational details of workplaces. Victims have also been reportedly asked to pay extortion amounts in the range of 1 to 1.5 million PKR to avoid exposure or penalty.
Some fake recruiters pose as HR personnel, sending messages about interviews, onboarding, or remote work assessments. Others ask participants to download “assessment” apps that act as data exfiltration agents. The collected intelligence reportedly targets critical infrastructure, telecom nodes, and institutional personnel.
In summer 2025, Pakistan’s National CERT issued warnings about such fraud networks, specifically cautioning youth and freelance professionals against joining shady recruitment hubs where extortion is later demanded. They also warned of a Israel-based spy agencies targeting Pakistani youth with lucrative job offers on Google ads, just as India is allegedly doing now through messaging apps.
The threat extends beyond national borders. In May 2025, the Pakistani Embassy in UAE warned its citizens to be wary of fake overseas job offers, particularly those promising lucrative roles abroad, reflecting that the campaign may also target diaspora communities.
Also, back in April 2025, the PTA took earlier action by blocking 604 URLs tied to fraud, signaling that these schemes are part of a persistent threat landscape.
Media outlets have described the campaign as driven by “Indian websites or agencies,” but as of October 7, no definitive IOCs or forensic evidence have been publicly shared to substantiate those claims.
Policy analysts and cybersecurity experts stress the difference between attribution in media and attribution backed by technical proofs. The investigation remains ongoing.
Victims or witnesses are urged to report incidents to Pakistan’s Federal Investigation Agency (FIA) and National Response Center for Cyber Crime. A standard complaint path is available via the Cyber Alert Service portal, and the FIA runs awareness campaigns across media channels.
Steps to protect yourself:
These tactics are not unique to Pakistan. In 2024, U.S. victims reported over 450 million dollars in losses from job offer scams, per the FTC. Such threats exploit the legitimacy of professional networks and hybrid remote work models.
Unlike traditional cyberattacks, these campaigns exploit human trust and routine behavior, seeking data rather than malware insertion. When sensitive data is exposed, such as IDs, location, and workplace networks, risks to national infrastructure, espionage, and blackmail rise sharply.
Moreover, the cross border, diasporic targeting makes regulatory or national countermeasures harder. Unless structural measures, public education, and swift reporting systems are in place, these fraud networks will continue evolving.