Author: Somala Viplava, Sri Padmavathi Mahila Vishwavidyalayam
To the point
Scam in now a days is a most often threat in this digital age. It poses threat to a person by causing financial loss,data breaching and also causes reputational loss to an individual with a malicious intention.
Through online platforms the scammer targeted innocent people,trapped them and causes financial loss or data breaching etc…to them.
Reddit is a online social media platform,recently the users of reddit and some employees of reddit or posed to phishing attack.
Use of legal jargon
In India we have several constitutional provisions and other legal provisions to protect citizens from scams and cyber attacks.
* Constitutional Provisions
– Article 14 : It ensures equal protection of law and equality before the law for all citizens, including protection from scams and cyber attacks.
– Article 19(1)(g) : It guarantees freedom of profession, occupation, trade, or business, which also includes freedom in use social media platforms.
– Article 21 : It gives people right to life and personal liberty, which also includes privacy in social media platforms and using online data.
– Article 39 : It gives directions to the state to ensure that the operation of the economic system does not resulted the concentration of wealth and means of production to the common detriment.
* Other Laws
– Information Technology (IT) Act, 2000 : It is a comprehensive law that deals with online activities and cybercrimes , including hacking, identity theft, and online fraud and provide penalties for offences such as hacking,phishing and identity theft.
– Indian Penal Code (IPC) : It covers various offenses related to scams and cybercrimes, such as forgery, cheating,mischief and theft.
– Section 43 of the IT Act : It Prohibits unauthorized access to computer systems or networks.
– Section 66 of the IT Act : It Imposes penalties for computer-related offenses, including hacking identity theft and phishing.
* Government Initiatives
– National Cyber Security Policy, 2013 : It’s objective is to create a safe and secure cyber ecosystem in India and protecting information and communication technology (ICT) infrastructure,and it also promotes the use of ICT for economical development of the country.
– Cyber Swachhta Kendra : It is a botnet cleaning and malware analysis center to protect Indian cyber space and it provides free botnet cleaning services to users and organisations.
– Indian Computer Emergency Response Team (CERT-In) : A national nodal agency for responding to computer security incidents and providing emergency response services and it also issues guidelines and gives vulnerability advisories on IT security.
– Information Security Education and Awareness (ISEA) Programme : It aims to promote information security awareness to people and educate citizens, students, and professionals.
The Proof
In the scams and cyber attacks, the burden of proof is on the prosecution or the victim to establish that a crime has been committed.
* Prosecution’s Burden : In the criminal cases, the prosecution has the liability to must prove the accused’s guilty beyond a reasonable doubt.
* Victim’s Burden : In the civil cases, the victim has the liability to prove his claim by a preponderance of evidence.
Various elements
* Unauthorized Access : The prosecution must prove that the accused takes access of the victim’s computer system or network without victims authorization.
* Intent to Commit a Crime : The prosecution must prove that the accused intended to commit a crime, such as theft or fraud by taking accession without the permission.
*Causal Link : The prosecution must prove that the accused’s actions caused harm or loss to the victim by financially or data breaching.
*Digital Evidence of the accused:
The Logs, IP addresses, email headers, and other digital footprints can be used to identify the accused’s identity and actions.
* Physical evidence such as computers or storage devices, can be used to identify the accused’s possession of stolen data or malware.
Abstract
Redditor’s Post Scam:
Reddit : Reddit is a online social media platform and it is a forum style website used by the people to share any content, discussions, photos,videos, and it connect similar communities people to discuss on the specific topic and leave it for comments and voting.Reddit means ” To read it right”.The users of the reddit are called as redditors and it is 18th most visited website in the world and it is the 7th most frequented social network.
Recently the redditors and some employees of reddit platform are attacked with a phishing attack.
Phishing Attack
It is a form of cyber attack.It involves trapping people into sharing personal information by creating duplicate identities as like original identities.
The attackers has a malafide intention to steal money or taking possession of the sensitive data without the permission or install virus or malware in the system.
The attackers focused the innocent and trap the individuals through emails,text messages or social media posts by creating duplicate identities as like original identities.
The cybercriminals can ask request for login credentials, credit card information and other personal data on reddit,they were happened mostly through private messages.It trap victims and gives limited time to the individuals to update their profile and with this the individual cannot think in depth about this because of limited time by this way they trick the individual into click on duplicate links and websites and giving up their login details or downloading virus or malware on to their devices.
There are various forms of phishing like
– spear phishing : The criminals focused on specific employees.
– clone phishing: It creates exact duplicate identities of a legitimate emails or websites.
– Angler phishing: It uses bogus social media platforms.
– Domain spoofing: It uses fake domains to trap users into sharing information.
Recently there are more scams like redditor’s Post Scam are sbi scam,charity scams,break the mirror,blame the victim scam in Gurugram etc… are happening now a days in India.
Case Laws
– National association of Software Companies v. Ajay Sood & Others : The Delhi High Court in this case recognized phishing as an illegal act under Indian law, gives definition to the phishing as “a misrepresentation made in the course of trade leading to confusion as to the source and origin of the e-mail causing harm”.
– Janhit Manch & Ors. v. The Union of India : The court said that phishing is a kind of passing off and destroying the plaintiff’s image.
– State of Maharashtra vs. Ramesh Madanlal Shah : The Supreme Court in this case held that cheating by impersonation is a cognizable offense falling under Section 420 of the Indian Penal Code (IPC),1860.
Caselaws outside india
1. United States vs. Dreiman (2011) : The US Court in this case held that scam involves fake invoices and wire transfers constitutes wire fraud under federal law.
2. R. vs. Zebedee (2013) : The UK Court in this case held that conviction of an accused in a scam case involving fake online profiles and phishing attacks in system.
3. Australian Securities and Investments Commission vs. Online Investors Advantage Inc.(2005) : The Australian Federal Court in this case held that an online investment scam constitutes a breach of the Corporations Act and the ASIC Act.
4. The Facebook and Google Scam : In this case the Lithuanian man, created fake email accounts and sent phishing emails with fake invoices, contracts, and letters to employees at both companies.
5. Nigerian Man Sentenced to 26+ years in prison for conning prospective homeowners and others out of down payments using a “man-in-the-middle” email phishing and spoofing attack.
6. Chinese National Charged for Multi-Year “Spear-Phishing” Campaign indicted on charges of wire fraud and aggravated identity theft for targeting employees at technology and pharmaceutical companies with spear-phishing emails.
7. Chicago Man Sentenced to 96 Months in prison for a nationwide Snapchat phishing scheme targeting college-aged women ².
8. Israeli Hacker-for-Hire Sentenced to 80 Months in prison for computer intrusion, wire fraud, and aggravated identity theft related to a massive spear-phishing campaign.
Conclusion
Scams and Cyberattacks are considered as criminal offences not only in India but in the whole world.
The cybercriminals are trapping innocent people and requesting their login credentials and stolen their sensitive data or causing financial loss to them.
Now a days online scams and Cyberattacks are mostly increasing with the increase of usage of online platforms by the people.
Like Redditor’s Post scam recently,there are so many scams are happened in India like SBI scam,credit card scam,charity scam etc…..
So,be aware of Cyberattacks and if you get any text messages or emails just read it carefully and you will identify difference in that message.
Provide awareness programmes to educate about this to uneducated people.
FAQS
1. What is phishing attack?
A. Phishing attack is a form of cyber attack and it is a online scam it communicate the people through emails,text messages, or social media posts.
2.Redditor’s post scam is which type of scam?
A. It is a phishing attack a type of cyber attack through social media posts.
3.The burden of proof is lies on whom?
A. The burden of proof is lies on the prosecution or the victim to prove the accused’s guilty.
