Cyber criminals are getting smarter. Laws and awareness need to keep up
On December 6, Sonamoni Khatun from Jadavpur in Kolkata lost her 26-year-old husband Omprakash after he suffered a heart attack. Both were accused of committing bank fraud, which 23-year-old Khatun is now fighting as she raises her toddler as a single parent.
The case that led them to the police was that of a retired nurse from Mumbai who was duped of Rs12.23 lakh after she dialled a fake customer support of the State Bank of India for an issue related to a credit card that she had recently bought. This amount was transferred to Khatun’s account, which was later frozen by the cybercrime police. “We knew the police would come after us, so we left the city, switched off our phones, and rushed to Delhi,” recalls Khatun.
It all started in June 2021, when Omprakash’s friend from Patna visited them in Jadavpur and saw the couple struggling to make ends meet. He offered them to join him in the work he was doing, which would help them earn quick bucks. They were given two options: Either get basic training to make fake calls, or open multiple bank accounts for which they will be paid commission. These were accounts where money from people duped by cyber frauds would be deposited. Omprakash opened multiple accounts at Indian Bank, Kotak Mahindra Bank, and State Bank of India in his name, plus other accounts in Khatun’s name.
On a daily basis, different amounts ranging from Rs1,000 to Rs10,000 up to Rs15 lakh were transferred into these accounts, which later had to be moved to other accounts as per the instructions given by the friend. “My husband was paid Rs10,000 every month for this work, and apart from this, he used to drive a Rapido bike taxi,” Khatun tells Forbes India.
The quick-buck scheme didn’t last long. In July 2022, Omprakash was arrested in Delhi. He later managed to get out on bail, but now Khatun, who is also out on bail, will continue serving the case. Their friend has disappeared, and the police are on the lookout for him.
A major chunk of cybercrimes happening in India right now are related to banking and finance. According to a survey by the Future Crime Research Foundation (FCRF), an IIT Kanpur-incubated nonprofit, 77.4 percent of the cybercrimes from January 2020 to June 2023 were linked to online financial frauds like UPI frauds, debit/credit card/SIM swaps, and internet banking-related frauds.
In 2022, a total of 65,983 cases of cybercrime were registered across the country, a considerable jump from the 52,974 logged in 2021. Karnataka, Telangana and Maharashtra accounted for more than half of these cases, as per the data released by the National Crime Records Bureau (NCRB) on December 3.
But there are still many cases unrecorded. For instance, data from the National Cyber Crime Reporting Portal, a platform where people report cybercrime, suggests that not as many cases are being registered as are being reported. Between January 2020 and December 2022, the portal received 1.6 million complaints of cybercrimes, and only 32,000 of these complaints ended in police cases.
With the extensive usage of smartphones and fast internet, people with low digital literacy are considered at high risk. The cybercrime police have also seen an uptick in victims falling prey to sextortion and impersonation of government officials.
Online sextortion cases are mostly underreported due to the social stigma in coming forward, and a lot of victims end up dying by suicide. The modus operandi involve a person getting a video call on a mobile phone from a random number, and when the person attends the call, they find a woman engaging in obscene acts. The fraudsters record the video and take a screenshot of the video chat. This is followed by the victim receiving a call from a person posing as a police officer and being informed that the woman on the call has lodged a complaint against him. The officer then sends a screenshot of the video chat to the target and extorts money to settle the matter in return.
Part-time job scams, however, top the chart of cybercrimes, with complaints flowing in regularly, according to the cybercrime cell police in Ahmedabad. The potential target gets a message on their WhatsApp number with a part-time job offer. The target is told to open an account in Telegram, and an organiser then adds the number to a group. The organiser then gives some tasks, usually to follow certain accounts or like videos on social media platforms. They are promised thousands of rupees for a day’s work. Initially, the person gets the promised money, starting at Rs150. After winning their trust and seeing to what extent they can potentially put in money, the scammers ask them to deposit money for certain tasks by promising them higher returns. Initially, they get some refund, but once the prepaid amount is high, the fraudsters dupe the person.
Joseph, 61, a retired school principal from Ahmedabad, lost Rs83 lakh in the part-time job scam. The fraudsters kept him engaged for three months, starting from March until June this year, and extracted the money from him by offering lucrative returns. “They offered a 30 percent immediate return on the money I invested. Whenever I became hesitant, they kept reassuring me that this was safe. All the communication took place on Telegram, and for each transaction, different bank account details were provided,” says Joseph, who lost all his savings in this scam.
“After more than three months of digging, we’re able to crack one gang. Catching them is not easy because they operate in large networks,” says Jitendra Yadav, assistant commissioner of police, cybercrime branch, Ahmedabad. “The scammers are well aware of the system loopholes and make the most of them. As per the Information Technology Act, this is a bailable offense. There’s also another rule, we cannot arrest them directly. We have to first issue a notice to the accused. And then they never turn up or never answer properly. So reaching the main person or mastermind behind this is very difficult.”
Jamtara, which once used to be the hotspot, has now become the least of the problems. There are many new hubs that have cropped up post-Covid-19 pandemic, explains NS Nappinai, advocate, Supreme Court of India and Bombay High Court, and founder of Cyber Saathi. “Unless the law is shown to be effective, there will be more and more of these hubs coming up, because you’re telling them that I know you exist, and yet I’m not able to act against you and put you behind bars,” she says.
Cybercrime investigator Ritesh Bhatia agrees. “The laws are so weak. These fraudsters get arrested, and just the next day they are out on bail, or maybe after 15 or 20 days, and then they’re back at it.” Creating more awareness, educating individuals, and strengthening the laws are the needs of the hour. The moment some new modus operandi comes up, the government should start creating awareness proactively with the help of influencers, celebrities, radios, and newspapers, adds Bhatia.
Focus on mass vernacular cyber literacy and a justice delivery system with effective and quick remedies, explains cyber lawyer Prashant Mali. “School syllabuses should have compulsory topics on cyber usage and culture. Also, the Reserve Bank of India and the Insurance Regulatory and Development Authority of India (IRDAI) should make it compulsory for their member banks to invest two percent in cyber literacy.”
There is no playbook for how cybercrime can be committed, so remaining cautious in this digital world is a must. Advocate Nappinai says, in case anyone has fallen victim to a crime, stop blaming yourself. There are millions of others who have also probably been cheated in the same way. So use the system and make this system work for you. “If you don’t file a complaint, then you’re just encouraging a criminal. That same criminal will victimise another 100 or 10,000 people or more. Until you use the system and make it work, the system is going to remain dormant like this.”
Naandika Tripathi / Updated: December 18, 2023