Author: Kashish Varshney, Barkatullah University, Bhopal
To the point
If you think you know how online scammers operate, think again. Online scamming accounts for over 50% of all financial cybercrime. It’s a global industry that bleeds victims of billions every year. The digital age has brought unknown convenience, but it has also introduced new threats, particularly in the form of online scams.
The proliferation of digital devices worldwide has given rise to concerns about digital security, which in turn has led to an increase in the vast number of cybercrimes. With India’s rapid digitalization, the country has witnessed a swell in cyber scams, ranging from phishing, identity theft, fiscal fraud, OTP scams, and even deepfake cybercrimes. As cybercriminals exploit vulnerabilities in digital security, legal frameworks have evolved to combat these arising threats. This article explores the landscape of cyber scams in India, key legal provisions, major challenges, judicial precedents, and strategies for securing against similar digital deception.
Use of Legal Jargon
In the digital age, cyber scams in India are becoming a serious threat to privacy, data protection, and financial security. Crimes like identity theft, phishing, and unauthorized access to computer systems are punished under the Information Technology Act, 2000, specifically Sections 66C and 66D. Additionally, Section 318, 319, and 336 of the Bharatiya Nyaya Sanhita, 2023 (BNS), deal with cheating by inducement, penalty for breaching privacy. The rise of cross-border digital crimes raises concerns about jurisdiction, intermediary liability, and enforcement. Maintaining good cyber practices, following regulatory rules, and ensuring timely decisions through cyber appellate tribunals are essential to combat this issue.
The Proof
Legal Framework Governing Cyber Scams in India.
The Indian legal system has incorporated several provisions to handle cyber scams and frauds. The primary laws include:
1. The Information Technology Act, 2000
The IT Act is India’s primary law governing cybercrime and digital security.
Section 66D penalizes impersonation using communication devices for fraudulent activities.
Section 43 deals with unauthorized access and data theft.
Section 72 addresses penalties for breaching confidentiality and privacy.
2. The Bharatiya Nyaya Sanhita, 2023
Section 318(4): Covers fraudulent activities, including online scams.
Section 319(2): Punishes cheating by impersonation, a common tactic in cyber scams.
Section 336: Penalize forgery and falsification of electronic records.
3. Reserve Bank of India (RBI) Guidelines
Scheduled banks (private, foreign, and nationalized banks mentioned in the schedule of the RBI Act, 1934) have received new cybersecurity instructions from the Reserve Bank of India, which require them to create cybersecurity policies that differ from their organizations’ current IT or IS security policies.
4. Consumer Protection (E-Commerce) Rules, 2025
Data and Consumer Security: Emphasizes the necessity of implementing consumer protection regulations and safeguarding sensitive data through e-commerce in India in order to win and keep the trust of customers.
Data Protection Measures: Improves cybersecurity and data privacy in accordance with India’s Data Protection Bill.
The Ministry of Home Affairs has set up the ‘Indian Cyber Crime Coordination Centre’ as an attached office to deal with all types of cybercrimes in the country in a coordinated and comprehensive manner.
The Joint Management Information System, or Samanvaya Platform, became live in April 2022 and functions as a Management Information System (MIS) platform, data repository, and coordination platform for LEAs to share and analyze cybercrime data. In relation to cybercrime complaints in different States and UTs, it offers analytics-based interstate links of crimes and offenders. The “Pratibimb” module provides jurisdictional officials with visibility by charting the whereabouts of criminals and crime infrastructure. Law enforcement agencies can more easily request and receive techno-legal support from I4C and other SMEs thanks to this module.
Abstract
Rapid digitalization in India has led to an increase in cyber scams that target financial institutions, companies, and individuals. Cybercrime has assumed industrial proportions in India. We lost over 1,750 crore rupees to cyber fraud in the first 5 months of 2024. Some 9.5 lakh complaints were registered with the National Cyber Crime Reporting Portal, averaging one complaint every 14 seconds. Suggesting a continued trend in financial losses in 2025. While specific, comprehensive data for the first five months of 2025 on the National Cyber Reporting Portal (NCRP) isn’t readily available, as per reports, cybercrime complaints are expected to exceed 2.5 million, with 500,000 specifically mentioning brand impersonation.
Therefore, it is crucial for us to understand what cyber scam is and how common it is in India. Let’s now examine the many forms of cyber scam that occur in India.
Forms of Cyber Scams in India
India has seen a variety of scams, targeting individuals, businesses, and financial institutions. Some of the most prevalent scams include:
1. Phishing and Email Scams
Cybercriminals impersonate legitimate entities, sending fraudulent emails to lure victims into revealing sensitive information, such as bank details, passwords, or identity proofs.
Often used to conduct financial frauds, phishing remains a significant concern.
2. Identity Theft and Financial Fraud
Fraudsters steal personal data to commit financial fraud.
Fake SIM cards, cloned debit/credit cards, and unauthorized bank transactions occur frequently.
Victims suffer significant financial losses due to unauthorized access.
3. OTP and UPI Scams
Scammers manipulate victims into sharing one-time passwords (OTPs) or UPI PINs, leading to unauthorized withdrawals.
Fake customer service calls often trick individuals into revealing credentials.
4. Cryptocurrency and Investment Scams
Cybercriminals lure individuals into fake investment platforms, promising high returns on cryptocurrency investments.
Many victims lose money in fraudulent trading schemes etc.
5. Social Media Scams
Scammers us to manipulate individuals into sharing private information.
Fake online shopping deals, lottery frauds, and impersonation scams are common.
6. Deepfake and AI-powered Scams
Fraudsters use AI-generated deepfake videos or voice cloning to impersonate trusted individuals and demand money or sensitive data.
This scam is hard to detect, making it highly dangerous.
Challenges in combating cyber scams are jurisdictional complexities, lack of digital awareness, weak implementation and compliance, evolving scam techniques, and limited cyber forensics infrastructure.
Strategies for safeguarding against cyber scams are strengthening digital awareness, enhancing cybersecurity laws, strict enforcement of data protection laws, improving cyber forensics infrastructure, stringent compliance for e-commerce and banking, mandatory authentication measures for financial transactions, investing in AI-powered fraud detectors, encouraging safe digital practices, avoiding clicking on unknown links or suspicious mails, enable multi-factor authentication for accounts.
Case Laws
1.Shreya Singhal v. Union of India A.I.R. 2015 SC 1523
In this case, the Supreme Court struck down Section 66A of the IT Act, which criminalized online speech, ruling that it was vague, arbitrary, and unconstitutional, thereby reinforcing freedom of expression and digital privacy protections.
2. Avnish Bajaj v. State (NCT) of Delhi A.I.R. 2008 – Bazee.com Case
The CEO was arrested and given bail later under Section 67 of IT Act, 2000 on account of an obscene video uploaded on Bazee.com for sale. This case highlighted liability of digital platforms in controlling fraudulent activities.
3. Prakash Gupta v. SEBI A.I.R. 2021 SC 3601
A recent case where the Securities and Exchange Board of India (SEBI) took strict action against fraudulent investment schemes. It reinforced the importance of financial transparency and cybersecurity in investment platforms.
4. Operation Chakra-V: CBI Cyber Fraud Investigation
The CBI conducted searches, arrested a suspect linked to organized cyber-enabled investment fraud. The accused supplied pre-activated SIM cards and mule bank accounts to cybercriminal networks. Victims were deceived into investing in fake mobile applications promising discounted shares.
5. Mumbai Online Task Scam
A 25-year-old youth from Mazgaon lost ₹9.27 lakh in an online task scam. Fraudsters initially transferred small amounts to gain trust before demanding larger investments. The victim was tricked into investing in a fake cryptocurrency platform.
6. Digital arrest scam
An 86- year- old woman from south Mumbai lost more than 20 crore rupees of her savings over two months to a ‘digital arrest’ fraud.
Conclusion
Cyber scams in India represent an evolving threat that demands continuous legal, technical, and awareness-based interventions. Although the IT Act, BNS provisions, and RBI guidelines offer protection, challenges in implementation, awareness, and enforcement remain. Judicial precedents have reinforced intermediary responsibilities and consumer rights, yet cybercriminals adapt to new fraud techniques. The battle against cyber scams is not just legal but social, technical, and educational, requiring collective vigilance from individuals, businesses, and law enforcement agencies. As India marches forward in its digital transformation, ensuring safe, scam-free cyberspaces must remain a national priority.
FAQS
1. What is a cyber scam?
A cyber scam is a fraudulent activity conducted online to deceive individuals and steal money, data, or sensitive information.
2. Why are cyber scams increasing in India?
With rapid digital adoption, scammers exploit users lack of awareness, weak cybersecurity measures, and loopholes in legal enforcement.
3. What are the most common types of online scams faced by Indian users today?
Indian users frequently face phishing scams, where fraudsters impersonate banks or companies to steal sensitive data. UPI and OTP scams trick victims into sharing one-time passwords, enabling unauthorized financial transactions. Investment scams, including fake cryptocurrency trading platforms, lure individuals into fraudulent schemes with promises of high returns.
4. What is a UPI scam?
UPI scams involve fraudsters tricking users into authorizing unauthorized transactions through fake payment requests.
5. How can users identify a fake website?
Fake websites often have spelling errors, lack HTTPS security, and request unnecessary personal information.
6. How does the IT Act, 2000 help prevent cyber scams?
It criminalizes identity theft, hacking, and online fraud, ensuring penalties for digital misconduct and protecting users from cybercriminal activities.
7. What is the role of the Reserve Bank of India (RBI) in preventing cyber scams?
The RBI issues guidelines for secure digital transactions and ensures banks implement robust cybersecurity measures.
8. What role does artificial intelligence play in cyber scams?
AI enables deepfake scams, automated phishing attacks, and social engineering fraud, making cybercriminals more sophisticated in deception.
