Cybercrime , Fraud Management & Cybercrime , Geo Focus: Asia

India Clamps Down on Cyber Fraud But Faces Hurdles

Lack of Staff With Digital Crime Investigation Skills Could Derail Government Plan
India Clamps Down on Cyber Fraud But Faces Hurdles
The railway station in Jamtara, India's most infamous cybercrime hot spot (Image: Shutterstock)

The Indian government in a landmark cybercrime conference on Wednesday provided a glimpse into the regional cybercrime landscape and efforts to dismantle the growing cyber fraud industry in India.

See Also: OnDemand | Combatting Rogue URL Tricks: How You Can Quickly Identify and Investigate the Latest Phishing Attacks

The Cybercrime Coordination Center, set up by the Ministry of Home Affairs in 2020 to coordinate government efforts to identify, investigate and prosecute cybercrime, held its first press conference Wednesday in New Delhi.

The conference, aimed at highlighting government successes against financial fraud, betrayed deep systemic challenges in policing the profitable digital fraud industry. While India has one of the largest populations in the world, it has the smallest per capita police force in the region.

The Cybercrime Coordination Center, commonly known as I4C, said public awareness about cybercrime in its various forms and new ways to report fraud has triggered a remarkable rise in incidents. In 2019, citizens reported only 26,000 cases of fraud. In 2023 alone, the National Cybercrime Reporting Portal recorded more than 1.5 million cybercrime complaints, but the response by law enforcement left much to be desired.

Cybercrime Battle Could Be Long

I4C Chief Executive Rajesh Kumar said the cybercrime complaints in 2023 resulted in about 66,000 first information reports filed by police, or one FIR for every 22 reports. He said the cybercrime reporting portal and the national cybercrime help line have, to a large extent, negated the need for people to visit police stations in person to file complaints.

But, Kumar said, I4C relies on police agencies across India's 28 states to conduct investigations into cybercrimes, and the police force in each state is at a different stage of modernization and digitization. Police officers in rural areas, where a majority of the population resides, lack the knowledge and tools needed to trace cybercriminals and dismantle sophisticated scams, he said.

Kumar said that over the past three years, India lost 10,319 crores, or $1.24 billion, to cybercrime, but authorities could only trace and return about one-tenth of the stolen funds to victims. Law enforcement agencies are making efforts to coordinate with banks to fast-track investigations to deprive criminals of the opportunity to launder stolen funds.

India has over 800 banking institutions that offer IMPS, an instant money transfer facility that carries no transaction charges, but only 263 have so far enrolled in I4C's consolidated Fraud Reporting and Management System, which was set up to help law enforcement authorities coordinate with banks to trace and block fraudulent transactions. Kumar said the government hopes to enroll all banks and e-commerce firms in the platform in 2024.

Though programs to counter digital fraud are slowly being put into motion, the lack of resources and personnel could turn the battle against cybercrime into a long one. According to I4C's statistics, financial scams that target the average citizen - such as customer care fraud, "know your customer" fraud, refund fraud and remote access fraud - account for 35% of all reported cybercrimes.

Close to 40% of reported cybercrimes also include forms of investment fraud, task-based scams and authorized push payment scams that target India's 800 million educated middle-class community with a strong grasp of the English language. About one-quarter of reported scams involve illegal loan apps that offer quick access to finances but have extortionate interest rates and questionable recovery practices.

Kumar said "sextortion" is becoming the weapon of choice for criminals as victims seldom report such instances, to avoid embarrassment. These schemes involve scammers employing women to record video calls with victims and using the videos to extort money by threatening to post them on social platforms. Scammers have also used online booking, brand impersonation and QR code scams to target people not equipped to distinguish fake websites from real ones.

Government Steps Up Efforts

Kumar said that I4C in its first three years has put in place an "all of government" response to cybercrime. The agency activated a 24-hour national cybercrime help line number and a cybercrime reporting portal, which helped it register over 3 million complaints since 2020.

I4C also instituted Crime and Criminal Tracking Network and Systems, a consolidated crime database to help police forces track cybercriminals who operate across different states. More than 16,600 police stations have been integrated with CCTNS and also with the National Automated Fingerprint Identification System, which helps in interstate linkage and identification of cybercriminals across the country.

Considering law enforcement agencies' lack of experience in investigating digital crimes, Kumar said, I4C has launched a Joint Management Information System to store and analyze all crime-related data from all states and train over 2,41,500 personnel across agencies. The program helped the agency provide CyTrain certifications to over 52,000 law enforcement personnel.

The National Cyber Forensics Lab, set up by the Ministry of Home Affairs in the capital, trains law enforcement personnel on malware analysis, memory forensics and mobile forensics. The institute houses cyber forensic tools that police forces can access remotely to perform tasks such as information extraction from damaged discs, cryptocurrency forensics, network log analysis and audio, video and image enhancement.

I4C's primary focus has been on tackling financial fraud, Kumar said. These platforms have helped it block 12.32% of fraudulent accounts used by scammers and prevent the transfer of $110 million in stolen funds in 2023. Law enforcement agencies also blocked 295,461 SIM cards and 46,000 devices and shut down 2,810 phishing websites and 595 malicious mobile apps used by fraudsters.


About the Author

Jayant Chakravarti

Jayant Chakravarti

Senior Editor, APAC

Chakravarti covers cybersecurity developments in the Asia-Pacific region. He has been writing about technology since 2014, including for Ziff Davis.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.