Skip to content

Agency orders Investigation and Intelligence Directorate-Information and Intelligence to uncover cyber crooks using IP addresses to insert counterfeit goods into supply chains.

Federal Tax Ombudsman (FTO) issues stern orders to the Director General Intelligence and Investigation, demanding compliance...

Cyber criminals using IP addresses to insert fake supplies in the supply chain have been ordered to...
Cyber criminals using IP addresses to insert fake supplies in the supply chain have been ordered to be investigated by the DG I&I-IR, as instructed by FTO.

Agency orders Investigation and Intelligence Directorate-Information and Intelligence to uncover cyber crooks using IP addresses to insert counterfeit goods into supply chains.

The Federal Tax Ombudsman (FTO) in Pakistan has launched a significant crackdown on cybercrime-related tax fraud, focusing on the misuse of password IDs, VPNs, and fake supplies in the supply chain.

In April 2025, a major tax fraud case came to light when a commercial importer's password ID was illegally used to file a fake sales tax return worth Rs. 133.125 million. This fraud resulted in a tax impact of Rs. 23.962 million. The fraudulent activities involved creating fake supplies through manipulated Annexure-C forms, adversely affecting the official supply chain.

Investigations traced these fraudulent transactions to multiple IP addresses linked to locations in Battagram, Islamabad, and Frankfurt (suspected to have involved VPN use). The FTO highlighted the challenge posed by cybercriminals using VPNs to mask their identities, complicating investigation and prosecution.

In response, the FTO has instructed the Director General of Intelligence and Investigation (I&I), Inland Revenue, to identify and apprehend those responsible, including determining whether internal or external actors were involved in the password and VPN misuse. Enhanced investigative capabilities to trace VPN users were also mandated.

Due to non-cooperation from telecoms and ISPs in sharing subscriber data linked with suspicious IPs, the FTO has backed new legal provisions empowering the Federal Board of Revenue (FBR) to demand detailed subscriber information, including IP addresses, to better track cyber fraud perpetrators. Since July 1, 2025, telecom operators are legally required to provide this data, failing which they face legal action.

The FTO has called on the FBR to register FIRs and prosecute all individuals and entities involved under relevant sections of the Sales Tax Act. The FBR is also expected to implement technical safeguards on its online portals to prevent misuse of VPNs and ensure more secure digital tax processes.

The case of tax fraud involved M/s Rafi Enterprises, a taxpayer of RTO Quetta, who purchased fake invoices without any physical movement or payment as prescribed under section 73 of the Act, with the intent to evade sales tax. The current enforcement regime has emboldened unscrupulous registered persons to use fake/flying invoices due to a lack of fear of being caught.

The concerned Commissioner of RTO Quetta is required to take further action, including registering an FIR as per Standard Operating Procedures (SOPs) to deal with cases involving fake/flying invoices. The FTO has commended the immediate action taken by the Commissioner Quetta in protecting government revenue in the supply chain.

The law has an in-built penal and prosecution mechanism to deter misutilization of trust. The FTO has ordered the Federal Board of Revenue (FBR) to direct the Chief Commissioners -IR, RTO Quetta, to ensure legal proceedings for the conviction of tax fraud.

The FTO has observed a case of tax fraud involving the illegal misuse of a password ID and fraudulent filing of a sales tax return, resulting in a loss of Rs 23.962 million in revenue. The Director General I & I is tasked with finding the cyber criminals responsible for the tax fraud within or outside the company. The Director General I & I is also required to build capacity to find the original subscriber/criminal using VPN.

The beneficiary of the fake transactions was fully aware of the purchase of fake/flying invoices. The Department is instructed to vigorously pursue cases of tax fraud during the prosecution stage. The Department is ordered to register an FIR against the perpetrators of tax fraud using fake/flying invoices under relevant legal provisions.

In summary, the FTO is handling cybercrime-related tax fraud cases by overseeing thorough investigations, leveraging new legal powers to obtain subscriber data, urging prosecution of offenders, and pushing for enhanced system security to prevent misuse of taxpayer credentials such as password IDs and VPNs in the supply chain fraud.

  1. In response to the illegal use of a password ID for tax fraud, leading to a loss of Rs 23.962 million, the Federal Tax Ombudsman (FTO) has ordered the Director General of Intelligence and Investigation (I&I), Inland Revenue, to identify and apprehend those involved and to find the original subscriber/criminal using potentially involved VPNs.
  2. The FTO has called for the Federal Board of Revenue (FBR) to implement technical safeguards on its online portals to prevent misuse of VPNs, ensure secure digital tax processes, and register FIRs to prosecute individuals and entities involved in tax fraud under relevant sections of the Sales Tax Act.

Read also:

    Latest