Overseas Pakistanis have been scammed for over two years and robbed of their money and personal data by website www.nadraoline.com, which claimed to process and deliver citizen documents like CNIC, POC (Modification of CNIC) and FRCs (Family Registration Certificate).
According to a National Telecom and Information Technology Security Board (NTISB) notification, the fake portal lured overseas Pakistanis to fill user-friendly NADRA forms.
It doesn’t operate in Pakistan therefore the NTISB believes the criminals running the website targeted only overseas Pakistanis.
Complaints have been received from many overseas Pakistanis that they haven’t received their documents despite filling the forms and submitting the required fee.
The website has a valid digital certificate and its fake forms are very similar to NADRA’s original forms.
The portal has been inaccessible in Pakistan, which shows that the people behind this scam targeted overseas Pakistanis. By not appearing in Pakistan, they have also avoided being blacklisted.
After the identification of the portal by NTISB, a source in the Pakistan Telecommunication Authority confirmed that the website has been taken down.
The NTISB has a list of advice for internet users to avoid being scammed.
- The presence of https, which comes before a website name, doesn’t mean a website is official or authentic.
- All Pakistan government and official websites are followed by gov.pk or in the case of provincial websites, they use first letter of province name like gos.pk or gop.pk for official websites of Sindh and Punjab respectively.
- Always double check the domain and website information before online payments as most of the time money payment through services like Western Union, Money Pak and Money Gram etc are nearly impossible to recover in case of fraud.
- Don’t submit private information on unofficial or insecure websites for registration of accounts as that can be used for online harassment, blackmailing, hacking or identity theft.
- Keep credit and debit card information including banking account passwords private.
- It is mandatory to utilize 2-factor authentication on all social media, email and bank accounts to safeguard against malware and social engineering attacks.
- Never forward OTP (one time password) received on phones or emails to anyone.
Originally Publish at: https://www.samaa.tv/