In a public service announcement issued in January 2021, the Federal Investigation Agency (FIA) highlighted the alarming “Easypaisa Account Block Fraud.” According to the PSA, scammers pose as representatives of the company and contact victims, claiming that their Easypaisa accounts are blocked. They ask customers to reveal a specific code, and once the code is shared, the hackers gain access to the victims’ digital wallets, emptying their funds.
Despite FIA’s warnings and multiple disclaimers from banking institutions urging customers not to disclose any personal information, OTPs, pin codes, or passwords to unknown callers, customers continue to fall prey to these fraudulent calls and text messages.
Recently, a correspondent received a suspicious call from someone claiming to be a senior supervisor at the Islamabad Jazz Cash office. The caller insisted that the correspondent’s Jazz Cash account was blocked and requested the OTP to unblock it. Sensing the scam, the correspondent refrained from sharing any details and investigated whether others had encountered similar situations.
On social media platforms, users have shared their experiences of being defrauded by individuals posing as Jazz Cash representatives, requesting OTPs or pin codes, leading to unauthorized transactions from their Jazz Cash wallets. Telecom companies, including Telenor and Jazz, have denied any strange activities or data breaches on their networks.
Although Twitter users claimed that databases were hacked and sold via Telegram in January 2022 and May 2020, both Jazz and Telenor officially refuted these allegations. The leaked personally identifiable information (PII) of 115 million subscribers, with the majority being Jazz mobile operator users, was reportedly sold for 300 bitcoins in 2020.
Profit spoke to Murtaza Ali, CFO of Jazz Cash, who dismissed the scammer calls as a result of previous data leaks. He emphasized that customer data is encrypted and stored separately from the digital wallets’ data. Ali suspected that scammers obtain personal details from local vendors to target registered Jazz numbers.
To combat these frauds, Jazz Cash has focused on customer education through SMS marketing and public service announcements. They have implemented new password controls to prevent OTPs from being shared via text messages. The official Jazz call centers follow a hybrid approach, with sensitive information handled in-house and the rest outsourced. The company remains committed to data compliance standards set by the State Bank of Pakistan, ensuring robust data security.
Despite the telecom companies’ assurances, it is evident that massive consumer data leaks can severely impact the FinTech industry and customer participation. The national FinTech industry must adopt robust data protection mechanisms to tackle these ongoing scams effectively.
