Digital fraud

Author- Manoj Pant 

College- Satyendra Chandra Guria Law College kashipur 

Abstract 

Advanced technology and advanced fraud are two brothers born of the same mother: while one upgrades the world, the other exploits its loopholes. Today, as artificial intelligence, deepfakes, and instant payment architectures become seamlessly integrated into daily life, cybercriminals are weaponizing this very infrastructure to execute sophisticated crimes at an unprecedented scale. This rapid technological boom has effectively transformed internet cheating from localized, petty theft into highly coordinated, industrialized transnational enterprises that completely outpace traditional field policing.

Consequently, India’s foundational cyber framework, the Information Technology (IT) Act, 2000, is facing a severe structural crisis, as a statute designed for a simpler digital era struggles to contain autonomous AI threats and complex synthetic identities. This legal vacuum has forced a radical jurisprudential evolution, compelling the judiciary and prosecutors to aggressively deploy the new provisions of the Bharatiya Nyaya Sanhita (BNS), 2023, to cover modern realities like virtual confinement, algorithmic extortion, and voice-cloning fraud.

This systemic crisis matters immensely because it shifts the entire legal focus away from chasing untraceable offshore hackers and redirects it toward strict platform accountability. Indian cyber law is rapidly reshaping itself to hold the critical digital gatekeepers—including banking institutions, telecom operators, and social media intermediaries—vicariously liable if their security lapses enable financial predators. Ultimately, safeguarding the public requires an adaptive legal ecosystem that mandates real-time corporate accountability and proactive algorithmic policing, ensuring that the technology meant to upgrade society does not become the instrument of its financial ruin.

To the Point

 The sudden explosion of advanced cybercrime has forced a major change in Indian courts and laws. In the past, cyber law only focused on hunting down the hidden criminals who stole money. Today, because international scammers use advanced tools to hide their locations, the law is shifting its focus to target digital gatekeepers. The Supreme Court of India and federal agencies are now holding telecommunications providers, banks, and social media platforms directly responsible for safety lapses. If a telecom company allows fake international phone numbers, or if a bank permits scammers to quickly open fraudulent accounts, they can face direct legal action for failing to protect the public.

Furthermore, the legal immunity that tech companies used to enjoy is losing its strength. Under the new rules of the Bharatiya Nyaya Sanhita (BNS), 2023, tech platforms cannot claim they are simply a neutral medium. If a platform fails to actively track down and remove AI-cloned deepfakes, voice-cloning tools, or virtual blackmail networks, it loses its legal protection. Stated simply, Indian cyber law is being entirely reshaped. Cybersecurity mistakes are no longer treated as minor corporate errors; they are now treated as an active breach of public trust that can lead to heavy punishments.

Use of Legal Jargon

To understand how new technology is changing our laws, we need to know 5 key legal terms. Here they are explained in simple words:

  • Safe Harbour Shield:  This is a legal rule that protects big websites (like WhatsApp or YouTube). It says if a criminal uses their platform to cheat you, the website is not to blame. However, Indian courts are now taking away this shield if companies do not quickly delete fake accounts.
  • Vicarious Liability (Shared Blame): This means holding a company responsible for a crime done on their platform. For example, if a bank ignores security rules and allows scammers to open hundreds of fake bank accounts, the bank can face shared blame for the fraud.
  • Due Diligence (Proper Care): This is the legal duty of tech companies to keep their platforms safe. It means telecom companies and banks cannot just say “we didn’t know.” They have a legal duty to actively check and block fake phone numbers and suspicious money transfers.
  • Statutory Gap: This happens when technology moves fast but the written law is slow. India’s main cyber law was written in the year 2000. Because things like AI voice-cloning and deepfakes did not exist back then, there is a big statutory gap that judges are trying to fix right now.
  • Strict Liability (No Excuses): Under this rule, a company is held responsible for a security mistake even if they did not mean to do it. If a telecom company lets a spoofed international call reach a citizen’s phone, they face strict liability for failing to protect the user.

Case Background

The historical evolution of Indian cybercrime has moved far beyond basic internet scams. Initially, digital fraud in India consisted of simple text messages, fake lottery emails, and basic one-time password (OTP) theft. However, as the country integrated rapid digital payment architectures and consumer smartphone applications, criminal syndicates aggressively upgraded their infrastructure. This evolution completely shifted online crime from isolated incidents of digital cheating into a massive, highly organized industry that regularly exploits public trust and national security.

To understand the alarming scale of this modern crisis, one must look at data presented before the Supreme Court of India. During an ongoing judicial review, the apex court analysed reports showing that between 2021 and late 2025, an astonishing ₹52,000+ crore was completely stolen from Indian citizens through online frauds. These crimes involved predatory loan applications, fraudulent stock-trading portals, and fake investment networks. Confronted with these numbers, the highest court officially observed that this massive financial drain cannot be treated as simple white-collar cheating. Instead, the judiciary characterized the situation as absolute robbery and dacoit under public law, acknowledging that local police forces were being completely overwhelmed by the speed of digital nenetwork.

The primary driver behind this multi-crore crisis is the malicious use of Artificial Intelligence (AI). A prime example of this technological weaponization occurred in a major case before the Delhi High Court involving well-known personal finance instructor Ankur Warikoo. Cybercriminals deployed generative AI tools to clone his face and voice with incredible precision. They created hyper-realistic deepfake videos showing him endorsing a fraudulent stock investment scheme. These fake videos tricked thousands of common citizens into joining untraceable WhatsApp groups, where they were subsequently defrauded of their savings.

This specific identity theft case forced the High Court to issue strict protection orders, commanding digital platforms to dismantle user anonymity and pull down the fraudulent AI videos within 36 hours. By analyzing the ₹52,000 crore systemic loss alongside this advanced AI investment fraud, it becomes clear why India’s existing laws must adapt. The problem is no longer just about catching a lone hacker; it is about building legal fences to stop advanced technology from being used as a weapon for mass economic destruction.

Case Laws

To understand how judges are actively reshaping our legal boundaries to fight this technological boom, we must look at these critical rulings from the highest courts:

  1. Re: Menace of Nationwide Cyber Frauds (Supreme Court, 2026)
  • The Case: A massive, ongoing judicial review initiated to evaluate the national scale of digital financial crimes and cross-border investment networks.
  • What the Court Said: Analyzing data that showed over ₹52,000 crore stolen from citizens, the Supreme Court ruled that modern digital fraud can no longer be treated as simple white-collar cheating. The apex court officially characterized this systemic drain as absolute robbery and dacoity under public law, demanding an aggressive, centralized federal crackdown.
  1. Ankur Warikoo v. John Doe & Ors. (Delhi High Court, 2025)
  • The Case: A high-profile identity theft matter where cybercriminals deployed generative Artificial Intelligence to clone a public figure’s face and voice to promote fake investment schemes.
  • What the Court Said: The High Court issued strict protection orders to defend public identity, ruling that technology platforms cannot hide behind user privacy policies. The court commanded social media intermediaries to immediately strip away user anonymity and pull down the deepfake videos within a strict 36-hour window.
  1. Shreya Singhal v. Union of India (Historical Precedent)
  • The Case: The foundational Supreme Court case that originally defined the legal responsibilities of internet platforms regarding online content.
  • What the Court Said: While this case originally protected websites from being blamed for user posts, modern courts are using its guidelines to show that if a platform receives a direct court order to block a scam network and fails to act instantly, it loses its legal immunity and faces direct shared blame for the crime.

The Proof

To provide definitive, statutory backing for how advanced technology is reshaping our legal enforcement, prosecutors utilize a combination of updated criminal codes and original cyber statutes to trap digital fraud syndicates:

  • Identity Theft and Deepfake Fraud (The Identity Shield):

Because our primary cyber legislation—the Information Technology Act, 2000—was written before the invention of advanced Artificial Intelligence, prosecutors use Section 66C (Identity Theft) and Section 66D (Cheating by Impersonation using Computer Resources) to prosecute deepfake creators. These sections impose a mandatory three-year prison sentence and financial fines on anyone using cloned voices or digital faces to deceive the public.

  • The New Organized Cyber Crime Framework (The Punitive Teeth):

Under the older Indian Penal Code, digital scams were often treated as isolated incidents of simple cheating. Today, the Bharatiya Nyaya Sanhita (BNS), 2023, introduces strict definitions for organized crime. When a network of scammers operates across multiple states using fake call centers and digital setups, they are prosecuted under the organized crime sections of the BNS, which carry severe penalties extending up to life imprisonment or the death penalty if it results in fatal consequences.

  • Intermediary Accountability Rules (The Platform Gate):

Under the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, tech platforms hold a strict legal obligation to maintain public safety. The statutory proof of this liability is clear: if a social media platform or communication application receives an official government or judicial notice regarding an AI deepfake or an extortion network, they are legally mandated to remove the content within a strict 24 to 36-hour window. Failure to comply strips the corporation of its legal safety shields, making them an active accomplice to the fraud.

Conclusion

The digital fraud boom in India has proven that advanced technology is a double-edged sword: while it accelerates economic growth, it simultaneously arms criminals with unprecedented capabilities. As artificial intelligence, deepfakes, and automated networks outpace the aging boundaries of the Information Technology Act, 2000, our legal framework is being forced to undergo a radical evolution. The judiciary’s shift from hunting down untraceable, anonymous hackers to enforcing strict liability on banks, telecom operators, and tech platforms represents a realistic and necessary strategy to protect citizens.

However, defensive litigation alone cannot solve a crisis operating at the speed of light. True deterrence requires a proactive legal ecosystem that seamlessly integrates real-time digital policing with immediate corporate accountability. By utilizing the updated, aggressive provisions of the Bharatiya Nyaya Sanhita (BNS), 2023, and holding digital gatekeepers accountable for their security gaps, Indian cyber law is laying down a vital blueprint for the future. The ultimate survival of our digital economy depends on ensuring that the technological systems meant to upgrade our society can no longer be twisted into instruments for its financial exploitation.

FAQ

  •  Q – Can a tech platforms like WhatsApp or meta be held legally responsible if someone uses an AI Deepfake of my face to scan people?

Answer – Yes, under the latest cyber law, if you officially report the fraudulent deep fake video and the platform fails to remove it within 36 hours, they lose their legal safety shield and can be held sharedly  liable for the fraud.

  • Q- what is the maximum Punishment for cyber criminal operating a fake call centre network under the new Bharatiya nyaya Sanhita (BNS), 2023?

Answer- Because the new BNS classifieds multi-state digital scam network as organised crime rather than simple Internet cheating, the ring leaders can face severe penalties extending up to life imprisonment.

  • Q- what legal action can be taken against a bank if it allows a scammer to open a fake “mule account” to launder stolen money?

Answer- if a bank completely ignores basic security and verification rules, Indian courts can charge the institution with a breach of its non-delegable duty of care, forcing them to face legal penalties for enabling the financial crime trial.

Leave a Reply

Your email address will not be published. Required fields are marked *