In the crowded neighbourhood of Laxmi Nagar, Delhi, 29-year-old architect Anjali Singh opened an email with an alarming subject line: “Important Security Alert from Your Bank.” The message warned that her account had been compromised and urged immediate action. Concerned, she clicked on the provided link, which directed her to a website closely resembling her bank’s portal. Without hesitation, she entered her username and password, convinced she was protecting her account.
Minutes later, her phone buzzed with notifications of unauthorised transactions depleting her savings.
In another instance, Shivani Mathur, 27, a resident of Vasant Kunj, shares, “In July 2024, I came across an Instagram ad for an ‘exclusive investment opportunity’ in a tech startup, promising incredible returns. Excited, I joined a private Telegram group filled with testimonials and invested Rs 50,000. At first, I received small returns, which made me trust the scheme. But when I tried to withdraw my money, the group disappeared, and I realised I’d been scammed.”
Recent reports from the Indian Cyber Crime Coordination Centre (I4C) indicate a sharp rise in cybercrime in India, with users suffering financial losses exceeding Rs 1,750 crore from January to April 2024. During this timeframe, more than 7,40,000 complaints were registered, representing a staggering increase of 113.7% compared to previous years.
Also read: Crackdown on old vehicles: Over 5,000 automobiles seized to curb pollution
Exploiting digital trust
It’s hard to overstate the influence of technology on our lives. Today, almost everything can be done with a swipe or click, from grocery shopping to managing finances, connecting with family, or seeking entertainment. Yet as our reliance on digital platforms grows, so does our exposure to online threats.
In recent years, cybercrime has escalated dramatically, with criminals adapting their methods to exploit the ways we use technology. Anil Rachamalla, a digital wellbeing expert and founder of the End Now Foundation, says, “Recently, quishing has become very prominent. Here’s how it works: a scammer embeds a malicious URL within a QR code and sends it via email, text message, or even displays it on posters and websites. When a person scans the code, they are directed to a fake site or prompted to download malware, often without realising the threat. These sites frequently mimic familiar companies, creating a sense of legitimacy, and may ask users to log in, thereby harvesting usernames and passwords. Later, the data is used for financial fraud.”
According to reports, many of these schemes have their roots in cybercriminal activities originating from Nigeria and Romania.
Fraud patterns emerge
Hemant Tiwari, Deputy Commissioner of Police, Intelligence Fusion & Strategic Operations (IFSO) Special Cell, Delhi Police, explains, “We’ve observed a few predominant cyber fraud methods over the past year.”
Investment scams involve fraudsters approaching potential victims on social media, initially offering small yet genuine returns on investments. Once trust is built, they lure victims with promises of higher returns, resulting in substantial financial loss.
Work-from-home fraud has proliferated post-COVID. This scam begins by promising individuals small payments for tasks such as product reviews. After completing several low-paying tasks, participants are offered a “premium” membership to access higher paying assignments, typically costing thousands of rupees. As victims progress, they’re convinced to complete various “levels,” each requiring further investment. Once victims have paid substantial amounts, scammers might claim additional fees for taxes or recommendations, draining victims’ finances.
DCP Tiwari stresses, “Despite rising awareness, new fraud tactics continue to emerge, including a scheme where scammers pose as officials requesting victims to ‘sanitise’ funds by transferring money to government accounts. Common digital scams also include phishing messages from purported service providers like LPG companies or Tata Power, claiming outstanding bills and urging immediate payment through fraudulent links. Even small sums extracted through such methods add up, emphasising the need for vigilance.”
Underreporting of cybercrimes
Chief executive officer Gautam Sinha of the fintech company LTFLoW (LoanTap Group), believes that proactive reporting and legal support are key to minimising impacts and fostering a safer digital economy.
Cybercrime continues to be a pressing issue, yet its true scale remains obscured by significant underreporting. A primary factor contributing to this trend is a widespread lack of awareness among potential victims. Karnnika A Seth, Cyberlaw expert & Founder, Seth Associates, accentuates, “Many individuals who fall prey to cybercriminals are often unaware of the resources available to them, such as helplines like 1930 and 100.
Consequently, victims frequently hesitate to report incidents, fearing that law enforcement may not be equipped to handle their cases effectively.”
This scepticism is further compounded by the overwhelming backlog of complaints that law enforcement agencies face, which diminishes public confidence in the possibility of legal redress. Victims, often having compromised their sensitive financial information, are left feeling vulnerable and unprotected.
Also read: Delhi hospital performs leadless pacemaker surgery on 75-year-old woman
“Despite these challenges, efforts are underway to address the issue. I have been actively training law enforcement personnel across various states, including at national judicial and police academies. However, there is a necessity for more structured and frequent training programmes to keep pace with the rapid evolution of technology and the corresponding changes in criminal methodologies,” she adds.
Recent scams, including fake courier schemes, job fraud, and loan scams, underscore the urgency of these initiatives. Additionally, the rise of “digital arrests” illustrates the complexity of modern cybercrimes that law enforcement must contend with.
According to Seth, currently, only 5% of reported cases result in a First Information Report (FIR), despite the Indian Cyber Crime Coordination Centre (I4C) receiving more than 50,000 complaints each month. The establishment of more dedicated cyber cells is critical to improving the response to these incidents and enhancing the reporting rates.
In essence, while training is being provided to agencies such as the CBI, NIA, armed forces, judges, and police, the need for more comprehensive and consistent educational programmes is evident. As technology continues to advance, so too must the capabilities of those tasked with combating cybercrime.
Fraud and identity deception also remain critical concerns. A friend’s hacked account, for instance, might be used to send a distress message asking for money. This can erode trust as people struggle to differentiate between genuine contacts and malicious impersonations. There are solutions, like India’s One Nation One Ombudsman scheme (number 1148), which operates on similar principles as other consumer redressal mechanisms, yet very few are even aware of these resources.
The complexity of recovery
Lalit Mohan Sanagavarapu, Chief Product Officer at Quick Heal Technologies, an Indian multinational cybersecurity software company, elaborates, “X, a victim of fraud, gathers evidence, files a complaint, and with law enforcement’s help, submits an FIR and gets a court order. The court mandates a Rs one lakh transfer from the fraudster Z’s account to X as compensation. X approaches the bank, which processes the transfer legally. However, if Z has defrauded others as well, the judicial system might struggle to discern the original source of the money now in Z’s account.”
The legal process complicates things further. It is required by law that any money linked to fraud be frozen once the court verifies the fraud. This means that, although the victim may recover their money, there’s a risk it could still be held by authorities due to uncertainties over the fund’s origins.
The challenges within the reporting system compound the problem. A Delhi-based lawyer, who has filed several Public Interest Litigations pertaining to the issue explains, “Victims often express a lack of trust in law enforcement. The process of reaching the dedicated cybercrime helpline (1930) is fraught with difficulties; obtaining a connection can feel akin to winning a lottery. Even when victims succeed in making contact, the process to file a report is cumbersome. An acknowledgment number is provided, but it often feels inadequate in addressing the victim’s grievances.”
The lawyer, who wished to remain anonymous, adds that authorities must transparently share data on the number of calls received by the helpline, the acknowledgments issued, and the subsequent FIRs filed. The gap between reported cases and those formally registered reveals a stark truth: while many individuals are affected, very few seek justice.
