Though cybercrime is not new, in recent years the ease with which hackers are conning people has put the safety of all technology users at risk, be it a sim-card facilitated mobile phone or a high-tech computer system.
As per National Crime Records Bureau (NCRB) data, more than 13,000 cases of cybercrime were reported in 19 metro cities in 2022, with Bengaluru registering nearly 75% of the reported cases. “Much of the cybercrime goes unreported, as people associate shame and distrust in police to file cases,” says N S Nappinai, Supreme Court advocate and founder of Cyber Saathi.
To raise awareness on cybercrime, Citizen Matters, on December 15th, hosted a citizen clinic titled “How to protect yourself from cyber fraud?” The panel was moderated by Prachi Pinglay-Plumber, Consulting Editor at Citizen Matters. The panel consisted of Karan Saini, security researcher and technologist; Gautam Mengle, Senior Assistant Editor Mid-Day; N S Nappinai, Supreme Court advocate and founder of Cyber Saathi; and Sanjay Shintre, (IPS) Superintendent of Police, Maharashtra, Cybercrime.
How to deal with cybercrime
One of the main goals of hackers is to make money, and with technology constantly evolving, they find easier ways to bait people. “They use credible platforms like OLX where people interact and set up traps. In other cases, they also set up Google ads for various searches on the search engines and reach out to people from there. They make it difficult for people to verify the authenticity of the information reaching them, hence trapping them,” says Karan Saini, security researcher and technologist.
Nappinai elaborates on financial frauds and how the classic ‘bait and reel in’ concept works based on fear or greed. Earlier, crimes worked on greed like the lottery and other means. Of late, it has turned into fear. “For example, during COVID, being unable to connect with your banks or to KYCs would elicit fear, which would lead people to click without verifying or checking, which would result in their accounts getting hacked,” she adds.
Clean device even after case is resolved
She strongly emphasises on the steps needed to be taken even after a case is resolved. Getting back your account does not mean that the issue is resolved, since there could be malware in the device that could continue to provide access to the hackers. It is highly suggested to clean the device post resolution, so that it does not make the device more vulnerable for any kind of security breach and this is applicable for both cell phones and computers.
“Convenience lies at the core of giving way to cyber crime. People should realise that fatigue about the possibility of security breach will set in, but that is not a reason to resort to convenience and not exercise caution. Clicking one button instead of following the actual process might lead to irreversible risks,” Nappinai emphasises.
Sanjay points out that out of 128 crore people who use sim cards, only about 80 crore people have internet services, while the rest of them use tele services. The hackers are constantly studying the open source data, which is available from any registrations that we do and analyse patterns to lure people in. They either call you, or send SMS, or contact you through your social media channels. He advises people to not open any link or click on any ad without doing some background check, which will throw light on the authenticity of these links.
“If there is any issue or hesitance in reaching out to the police, people can always register a complaint on cybercrime.gov.in or call the national helpline, 1930. If you reach out to the police immediately, there is scope to retrieve the full amount within three hours, as the police can track down the hackers’ account and freeze it,” he explains.
Read more: Cybersafety tips: Before you decide to download that app, read this
Retrieving the lost money is possible via registering on the portal or calling on the helpline, but to investigate and catch the culprit, a physical investigation would be required for which the victim has to file an FIR with the police offline.
Nappinai elaborates on the two circulars of the Reserved Bank of India (RBI), which can be used to file a complaint with the bank prior to filing the FIR for quick recovery of the lost money. There is zero liability if you reach out to the bank within three days, and limited liability within seven days. If the bank insists on filing the FIR, one could use these circulars to file the complaint at the bank first, and can take the acknowledgment to file the FIR as well. In cases of contributory negligence, where one has shared the OTP with the hacker, there still will be limited liability with the credit or debit card insurance. “There are enough and more laws to tackle cybercrime. We have the general IPC sections and special laws to deal with the rising cases. People only have to trust the law and file the case,” says Nappina.
Cybercrime has the least likelihood of turning into a physical crime. “In none of the cases we have received so far has a physical attack been done on the victim or the victim’s family. It’s always using calls or messages to threaten and lure them in for money or some sort of gratification,” says Shintre.
Scams in the promise of jobs
Gautam shares a personal anecdote of his acquaintance’s cyber fraud and elaborates on how the hackers study patterns and use people’s vulnerabilities, like getting a job. He also speaks of seasonal crime, where holiday seasons see an increase in cybercrimes as discounts and festive offers are used as bait. “Cybercrime has reached so far in progression where the hackers are now willing to pay you a certain sum to gain your trust and then lure you in. Impersonating someone online is of no difficulty now, where one can create Gmail IDs using their full names and the company they work for.” He adds that with the proliferation of AI , deep fakes, which were once rare, are now becoming a real threat, and are difficult to track.
Read more: UPI scams in Chennai: What you need to know to protect your money or get it back
While cybercriminals are getting more innovative, we must ponder on whether the awareness of the same is reaching the audience and enabling them to exercise caution. In news reporting, explaining jargon of cyber frauds is important to raise awareness.
“Cybercrime has a deep psychological impact on the victims, irrespective of the intensity or the type of the crime, and hence every precaution has to be taken to prevent and tackle cyber crime at all levels,” says Gautam.
Watch the full discussion here: