Cybercrime: Illustrations,

Examples and Mini-Cases

Dr K SURESH BABU
Professor of CSE
JNTUH UCESTH
Official Website of Maharashtra
Government Hacked
Official Website of Maharashtra
Government Hacked
Official Website of Maharashtra
Government Hacked
Official Website of Maharashtra
Government Hacked
Official Website of Maharashtra
Government Hacked
Official Website of Maharashtra
Government Hacked
Official Website of Maharashtra
Government Hacked
 Indian Banks Lose Millions of Rupees
• Yes, Indian banks have lost millions of rupees to cybercrime
in recent years:
• FY24 In the first four months of 2024, Indians lost over Rs
1,750 crore to cyber criminals. This was based on over
740,000 cybercrime complaints registered on the National
Cybercrime Reporting Portal.
• FY23 In 2023, cybercrimes in India resulted in a loss of Rs
66.66 crore, with 4,850 reported cases.
• Digital payment frauds In the year ending March 2024,
digital payment frauds increased more than fivefold to Rs
1,460 crore ($175 million).
• Previous years In FY22, the loss was Rs 80.33 crore, in FY21
it was Rs 50.10 crore, and in FY20 it was Rs 44.22 crore.
 Indian Banks Lose Millions of Rupees
• Cybercrime is a growing threat in India, affecting
millions of individuals and organizations.
• To combat cyber fraud, the Reserve Bank of India (RBI)
has issued guidelines to limit the financial burden on
customers in case of unauthorized transactions.
• The RBI also plans to curb suspect bank accounts that
are frequently used to transfer funds from cyber
crime.
• Banks have also increased their cyber insurance cover
in recent years. This is due to regulatory focus on cyber
security and the increased demand for cyber insurance
products.
 The modus operandi
• It’s all part of the modus operandi for scammers: Steal a small amount in a single
incident so that it doesn’t come under law enforcement radar “Scammers will start
by stealing small amounts, say a few hundred rupees, and then will increase the
amount stolen to a few thousands and then lakhs as the scammer understands the
victim more.
• The scammer will also gain more confidence as they target new victims and will try
to steal larger amounts,” said former IPS officer and cyber security expert Prof
Triveni Singh
• Interestingly many of the online frauds where large amounts have been stolen are
traced to China, Singh adds.
• To make matters more complicated, online scammers will almost never be
physically present in the same geographical location as the victims they target. A
cost of a multi-state police investigation far exceeds the amount stolen when it’s
only a few thousand rupees
 Fear and hope
• The ‘courier scams’ like the recent scam in the name of Fedex are
some of the most popular scams right now. The scammers work as
a team, some posing as courier company or airport security
personnel and others as law enforcement officials
• They call and allege there is a parcel being couriered with the
victim’s name containing illegal items, like drugs.
• The scammers then trigger fear and anxiety by claiming the victim
can be arrested for this.
• The victim, out of fear, agrees to transfer money to what the
scammers say is a ‘holding bank account’ until the ‘investigation’
into the illegal items is over
• Or in the case of the female lawyer recently, the scammers posing
as narcotics bureau officials asked her to strip for a fake ‘drug test’,
recorded the video and then blackmailed her till she agreed to pay
ransom.
 Parliament Attack
• The 2001 Indian Parliament attack was
a terrorist attack on the Parliament of
India in New Delhi, India on 13 December
2001. The attack was carried out by five
armed assailants that resulted in the deaths of
six Delhi Police personnel, two Parliament
Security Service personnel, and a gardener. All
the five terrorists were killed by security
forces.
 Pune City Police Bust Nigerian Racket
• With the arrest of two Nigerian nationals from Greater
Noida, Pune Police have claimed to solve the case in
which a woman was duped of Rs 12 lakh through a
matrimonial website.
• The arrested duo is suspected to have cheated people
in many more such cases, officials said on Tuesday.
• Officials from the Cyber crime police station
of Pune police were probing a case in which a woman
was cheated to the tune of Rs 12 lakh through a profile
she was in contact with on a matrimonial website. The
man, who claimed to have a job abroad, asked the
victim to transfer Rs 12 lakh to him on various pretexts.
 e-mail spoofing instances
• Here are some examples of email spoofing:
• Impersonating a senior executive A spoofed email may appear to be from
a senior executive, requesting an urgent wire transfer.
• Fake invoices A spoofed email may appear to be from a trusted vendor,
sending a fake invoice.
• Malware in attachments A spoofed email may contain malware in an
attachment that appears to be from a legitimate contact.
• PayPal account suspension A spoofed email may appear to be from
PayPal, claiming that the user's account will be suspended if they don't
click a link.
• Credit card confirmation A spoofed email may claim that the user's credit
card information may have been compromised, and include a link to
"confirm" the card details.
• Tech support request A spoofed email may appear to be from the
corporate IT department, asking the user to install a piece of software.
 e-mail spoofing instances
• Email spoofing is a technique used in phishing
attacks to trick users into thinking a message
came from someone they know or trust.
• Attackers can spoof emails by changing the
"From", "Reply-To", and "Return-Path" fields
in the email header. They can also create a
domain that looks similar to the legitimate
sender's domain
 e-mail spoofing instances
• To prevent email spoofing, you can:
– Use an email security gateway
– Use anti-malware software
– Provide cyber awareness training to employees
– Use encryption to safeguard emails
– Use email authentication standards such as
DMARC
– Use reverse IP lookups to verify senders
The Indian Case of online Gambling
• Recently, the government of India has instructed states to take
action against outdoor advertisements promoting online Betting
and Gambling platforms.
• The government had earlier issued an advisory to the media in June
2022, directing them to refrain from publishing such
advertisements in the larger public interest.
• What is the Government’s Observation?
• The government has observed that some betting and gambling
platforms are using outdoor media such as hoardings, posters,
banners, and auto rickshaw branding to promote their
websites/apps.
• Such advertisements were found to be misleading and not in strict
conformity with the Consumer Protection Act 2019.
The Indian Case of online Gambling
• Moreover, since betting and gambling are illegal in most parts of the
country, they pose financial and social economic risk for the
consumers, especially youth and children.
• The government has objected to the promotion of a specific betting platform that
encouraged people to watch a sports league on its website in prima facie violation
of the Copyright Act.
• What is Online Gambling?
• Online gambling involves participating in gambling activities through the
internet by placing bets or wagers on games and events to win money or prizes. It
can be played on various devices and involves virtual chips or digital currencies
instead of cash.
• The global online gambling market was valued at USD 63.53 billion in 2022 and is
expected to grow at a CAGR of 11.7% from 2023 to 2030, with the Asia-Pacific
region being the largest market.
• There are different types of online gambling, including casino games like slots,
blackjack, and roulette, sports betting, poker, and lottery. It is regulated in most
countries, including India, with varying degrees of restrictions and laws.
An Indian Case of Intellectual Property
Crime
• Here are some examples of intellectual property (IP) crimes in India:
• Sony Pictures Network India Pvt. Ltd. vs. www.sportsala.tv
• In 2021, Sony Pictures filed a suit against several defendants for
reproducing, distributing, and broadcasting cricket matches without their
permission. The court granted Sony Pictures an injunction against the
defendants, including websites, ISPs, MSOs, and cable operators.
• Source code theft
• In 2002, an employee of Geometric Software Solutions Ltd. (GSSL) stole
source code from Solidworks, an American computer aided design
software company, and offered to sell it to an FBI agent. The employee
was prosecuted, but the legal process was slow.
• Piyush Subashbhai Ranipa v. The State of Maharashtra
• The Bombay High Court ruled that offenses under Section 63 of the
Copyright Act and Section 103 of the Trademark Act are non-bailable
 Illustrations of Financial Frauds in
Cyber Domain
• Here are some examples of financial frauds that can occur in the cyber
domain:
• KYC fraud
• Scammers impersonate bank officials or government representatives to
trick customers into providing personal information.
• Business email compromise (BEC) fraud
• Victims are instructed to transfer funds to new accounts by email, which is
supposedly from a client or supplier.
• Phishing fraud
• Victims are tricked into giving away sensitive information, such as banking
details, account login credentials, or personal data.
• Social media and telecommunication impersonation fraud
• Criminals impersonate friends, relatives, or government officials to trick
victims into giving money or handing over control of their accounts.
 Illustrations of Financial Frauds in
Cyber Domain
• Online trading/trading platform fraud
• Victims are lured to fake or non-existent trading platforms by fake advertisements
or advisors.
• Online romance fraud
• Victims are convinced they are in a romantic relationship and are tricked into
sending money to criminals.
• SIM swap scam
• Fraudsters get a new SIM card issued against a registered mobile number, and then
use it to get a one-time password (OTP) and alerts to make financial transactions.
• Instant personal loan apps
• Fraudulent apps and websites claim to offer instant loans, but may charge high
interest rates or defraud the user.
• Online classified marketplace scams
• Fraudsters set up fake accounts and listings to lure buyers and steal their money.
 Digital Signature Related Crime
Scenarios
• Businesses and individuals should be aware of the risks
associated with digital signatures, including forgery and
identity theft, malware, fraud, legal risks, and security
vulnerabilities.
• They should take appropriate measures to mitigate
these risks, such as using encryption and PKI
technology.
• It requires the creation of false, fraudulent electronic
signatures, etc. Theft of identity is an offence
punishable in accordance with Article 66C of the IT Act.
The section provides for a penalty of up to three years'
imprisonment for the offence.