Investigation underway at “highest level.”
Emails from SIFC should be verified from sender.
Cabinet Division urges installation of antivirus on all systems.
ISLAMABAD: The Cabinet Division has issued a letter to all federal ministries and departments, warning them about fake emails and WhatsApp messages attributed to government departments after a series of reported cyber attacks.
According to the letter issued to all federal ministries on Sunday, there had been reports of fake emails and messages sent to various ministries from fake email ID of “JS (COORD)”.
The letter also stated various ministries also received emails from fake IDs of the Prime Minister’s Office (PMO) and PM Secretariat.
The division said that these fake emails featured malicious attachments that insisted the users download those files on their computers.
In the letter, the Cabinet Division advised all federal ministries to beware of such emails and departments while the matter is being investigated at “the highest level.”
Additionally, emails and phone calls purporting to be from the Special Investment Facility Council (SIFC) may also be fake, according to the letter.
The letter warned the ministries not to receive calls or download files from Javed, who posed as the fake “deputy director of SIFC and PM secretariat” and Shehzad Ahmed who posed as the fake “assistant director of PMO and SIFC Cell”.
“Any WhatsApp messages or emails from above-mentioned credentials or email ID: [email protected], may be ignored and blocked,” the letter read.
The letter also advised that emails, with reference to the SIFC Apex Committee, should be opened after verification from the sender.
According to the Cabinet Division, an anti-virus should be installed in all systems.
The letter read: “Antivirus must be installed on all systems being used for opening of emails. As an alternative, Apple MAC may be used or a PC may be installed with an appropriate user-friendly version of GUI-based linux.”
All the ministries that opened the email attributed to the press secretary of the PMO, dated 3 August 2022, must block the IP address, it added.