National CERT urges urgent action against cyber threats caused by weak email settings

The National Cyber Emergency Response Team (National CERT) has issued a high-priority advisory warning organizations across Pakistan to address critical vulnerabilities in their email systems. The advisory highlights that poor email configurations are exposing both public and private sector institutions, as well as government entities, to serious cyber threats.

According to National CERT, there has been a noticeable rise in phishing schemes, business email compromise (BEC), and domain spoofing attempts—tactics that are being used globally and now pose a direct risk to Pakistan’s security, economy, and public confidence. The advisory warns that cybercriminals, hacktivist groups, and even state-sponsored actors are exploiting these weaknesses to carry out financial fraud, steal sensitive data, distribute ransomware, and spread misinformation.

A major concern is the failure to implement key email authentication protocols such as SPF, DKIM, and DMARC. Without these protections, attackers can easily impersonate trusted domains, bypass security filters, and manipulate official communications. National CERT noted that misconfigurations could even lead to genuine emails being marked as spam, disrupting daily operations.

The advisory outlines specific vulnerabilities using technical codes: WK-1 (absence of email protection protocols), WK-4 (DMARC set only to monitor mode), and WK-5 (no protections for subdomains). All of these leave organizational domains open to abuse.
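The three weakness codes above can be checked from a domain's published DNS TXT records. The following is an added example, not code from National CERT or the advisory: the domains and records are constructed, and the mapping of SPF and DMARC tags to WK-1, WK-4 and WK-5 is this example's own assumption about what each code covers.

```python
# Added example: offline audit of constructed DNS TXT records.
# Assumed mapping (not taken from the advisory text):
#   WK-1 = no single valid SPF record or no single valid DMARC record
#   WK-4 = DMARC policy p=none (monitor only)
#   WK-5 = effective subdomain policy (sp=, falling back to p=) is none
# DKIM is not checked: its records live under selectors that cannot be guessed.

def parse_tags(record):
    """Split a 'k=v; k=v' DMARC TXT record into a lowercase dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    return tags

def audit_domain(txt_records, dmarc_records):
    """txt_records: TXT at the domain; dmarc_records: TXT at _dmarc.<domain>."""
    findings = []
    spf = [r for r in txt_records if r.lower().startswith("v=spf1")]
    dmarc = [r for r in dmarc_records if r.lower().startswith("v=dmarc1")]
    # Zero or duplicate records both leave receivers with nothing to enforce.
    if len(spf) != 1 or len(dmarc) != 1:
        findings.append("WK-1")
    if len(dmarc) != 1:
        return findings
    tags = parse_tags(dmarc[0])
    policy = tags.get("p", "none")           # a missing p= is treated as none
    subdomain_policy = tags.get("sp", policy)  # sp= defaults to p=
    if policy == "none":
        findings.append("WK-4")
    if subdomain_policy == "none":
        findings.append("WK-5")
    return findings

# Constructed sample data: domain -> (TXT at domain, TXT at _dmarc.domain)
SAMPLES = {
    "a.example": (["v=spf1 -all"], []),
    "b.example": (["v=spf1 mx -all"],
                  ["v=DMARC1; p=none; rua=mailto:dmarc@b.example"]),
    "c.example": (["v=spf1 mx -all"], ["v=DMARC1; p=reject; sp=none"]),
    "d.example": (["v=spf1 mx -all"], ["v=DMARC1; p=reject; sp=quarantine"]),
}

def audit_all(samples=SAMPLES):
    return {d: audit_domain(txt, dm) for d, (txt, dm) in samples.items()}

if __name__ == "__main__":
    for domain, codes in audit_all().items():
        print(domain, codes or "no findings")
```

In practice the two record lists would come from TXT lookups on the domain and on its _dmarc label; a domain that only monitors (p=none) with no sp= tag is reported under both WK-4 and WK-5 because its subdomains inherit the same unenforced policy.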

National CERT recommends immediate remedial steps, including enforcing email security standards for all domains and subdomains, enabling multi-factor authentication, conducting regular security reviews, and ensuring staff are trained to detect and report suspicious activity. Email service providers have been urged to adopt strong domain authentication measures and advanced filtering tools to block malicious content.

The advisory concludes with a firm reminder: organizations must recognize email as a high-risk communication channel that demands continuous monitoring. National CERT encourages all institutions to report incidents via its official portal and participate in threat intelligence sharing to counter these risks effectively.