Pakistan recorded more than five million cyberattacks during the first three quarters of 2025 as the country’s fast-growing digital economy outpaced cybersecurity awareness and online safety practices, according to a new report by Maldives Insight.
The report said the increasing use of smartphones for banking, payments and storing personal information has accelerated digital transactions across the country. Mobile banking services, e-wallets and e-commerce platforms continued to expand rapidly throughout the fiscal year.
Nearly 90 percent of retail transactions in FY25 were conducted through digital channels. The country’s Raast instant payment system also processed hundreds of millions of transactions, reflecting Pakistan’s ongoing transition toward a cash-light economy.
Despite this growth, weak passwords, poor data protection habits and limited awareness of cyber threats have left both individuals and organizations vulnerable to attacks. Many users remain unfamiliar with essential security practices such as creating strong passwords, enabling multi-factor authentication and identifying phishing attempts.
The report noted that cybercriminals are increasingly targeting human behaviour through fake phone calls, fraudulent websites and malicious links rather than relying solely on technical exploits.
More than 166,000 banking malware attacks and over 126,000 spyware incidents were detected during the reporting period. Government agencies, businesses, educational institutions and telecommunications providers were also among the targets.
Official data cited in the report showed that Pakistan recorded more than 500 cybersecurity incidents in 2025, up from 410 incidents in 2024.
Cybercrime reportedly increased by 35 percent during the year, driven mainly by hacked WhatsApp accounts, online fraud and financial scams. More than 73,000 complaints were filed nationwide.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
Concerns over data privacy have also grown following reports that sensitive personal information and identity-related data appeared on illicit online marketplaces. Although authorities disputed some claims about the source of the leaked data, the incidents have intensified scrutiny of the country’s data governance and cybersecurity measures.
