In 2023, the total rate of cybercrimes in India stood at 129 cases per 1 lakh Indian citizens.
Published:
The must-know 2023 cybercrime stats and trends in India.
|
(Photo: Aroop Mishra/The Quint)
KYC expiry fraud was one of the most common types of local-origin scams flagged by Indians in 2023, followed by sextortion and QR code scams, according to data presented on Wednesday, 3 January 2024, by the Indian Cybercrime Coordination Centre (I4C) that operates under the aegis of the Union Ministry of Home Affairs.
Additionally, the most number of cybercrime complaints that were made last year came from Delhi – followed by Chandigarh and Haryana.
But which state or union territory saw the least number of cybercrime complaints? How many Indians dial 1930 on a daily basis? And once a scam has been reported, how successful have banks been in recovering the defrauded amount? Take a look at the decoded data.
(The infographic will load below. Please wait for a couple of seconds if it hasn’t loaded on your screen yet.)
Interestingly, a Distributed Denial-of-Service (DDoS) attack was launched against the official G20 Summit website at the time when the high-profile forum was being hosted by India in New Delhi. The G20 Summit website was pinged 1.6 million times in two minutes as a result of the cyberattack.
“The Telecom SOC, MHA and NIC were able to successfully defend the website,” I4C CEO Rajesh Kumar said in a press conference on Wednesday, without revealing further details about the cybercriminals behind the attack or the country of origin.
Rate of Cybercrime in India
In 2023, the total rate of cybercrimes in India stood at 129. What this number really means is that there were 129 complaints of cybercrimes (per 1 lakh Indian citizens) that were received on the National Cybercrime Reporting Portal.
“In some states, (the cybercrime rate) was higher than others but that could be due to various reasons (such as urbanisation and high population density),” Kumar said.
Here are the top 5 states that saw the most number of cybercrime complaints in 2023:
-
Delhi = 755 complaints per 1,00,000 people
-
Chandigarh = 432 complaints per 1,00,000 people
-
Haryana = 381 complaints per 1,00,000 people
-
Telangana = 261 complaints per 1,00,000 people
-
Uttarakhand = 243 complaints per 1,00,000 people
How Were So Many Cybercrimes Reported?
In an attempt to ease the reporting of cybercrimes from all over India, the Centre has put the following mechanisms in place:
1. The National Cybercrime Helpline Number 1930: Dialing this helpline number can lead to the recovery of your money that was lost in a scam. So far, more than Rs 1,100 crore siphoned off by cybercriminals have been saved, thus benefitting more than 4.3 lakh victims in three years.
The recovery is possible as over 243 banks, e-commerce companies, and other players have been integrated with the helpline system. The National Payments Corporation of India (NPCI), which facilitates services like UPI and FASTag, has also been integrated with the 1930 helpline system for “real-time prevention.”
-
The 1930 helpline receives over 50,000 calls every day
-
Over 12,12,063 1930 calls were answered in December 2023 alone
2. The National Cybercrime Reporting Portal (NCRP): More than 31 lakh cybercrime complaints have been registered on the NCRP (cybercrime.gov.in) since its launch in August 2019.
Out of these, over 66,000 First Information Reports (FIRs) have been lodged by law enforcement agencies of various states and UTs. This indicates that a complaint registered by the NCRP or through the helpline does not always lead to an FIR being lodged.
A total of 13,10,329 complaints regarding cyber-enabled financial frauds were received from India through both the government helpline number as well as the reporting portal in 2023.
This trend shows that more and more Indians have been reporting cybercrimes through government channels (NCRP) over the past four years.
3. Crime and Criminal Tracking Network & Systems (CCTNS): “Complaints were made to the NCRP. From the NCRP, it was connected to the CCTNS and FIRs were issued on the basis of that,” Kumar said.
Thanks to the CCTNS, a 100 percent of FIRs lodged in police stations are now digitised, as per Kumar. “When we talk about machine learning, data analytics and AI, this data is very important to us,” he added.
-
99.9 percent of police stations (16,597) registering FIRs directly on the CCTNS.
-
28.98 crore police records have been uploaded to the CCTNS so far.
4. National Automated Finger-Print Identification System (NAFIS): It is a identification system based on fingerprints. “Cyber criminals are very mobile, they are physically located in some part of the country and are arrested in other parts of the country. (NAFIS) facilitates identification of cyber criminals across the country,” Kumar said.
-
Over 1,05,80,266 fingerprint records have been uploaded on NAFIS so far.
5. National Cybercrime Threat Analytics Unit (NCTAU): Upon receiving inputs from various sources, the I4C uses the NCTAU model to analyse and undertake blocking of various websites, apps, etc, under Section 69A of the Information Technology (IT) Act, 2000.
It also uses the NCTAU to assist law enforcement agencies, provide regulatory interventions, and issue advisories.
The NCTAU vertical of I4C.
Common Types of Cybercrimes Reported
The I4C identified the following types of local-origin scams that were reported through government channels in 2023:
35% complaints were related to customer care number or refund or KYC expiry scams, where scammers posing as customer care agents or bank agents trick the victim into installing malware and steal the OTPs sent to the mobile device.
24% complaints were related to sextortion scams, where the victim is told to pay up after being recorded watching pornography on answering a video call from an unknown number.
22% complaints were related to online booking, fake franchisee, or QR code scams, where scammers trick victims into scanning a QR code to essentially seize control of the device.
11% complaints were related to Aadhaar-Enabled Payment System (AePS) scams, where money from a victim’s Aadhaar-linked bank account can be siphoned off by cloning their biometrics (no OTP required). Most of these scams are reportedly committed from Bihar and Jharkhand.
However, Aadhaar card holders can lock their biometrics as a precautionary measure by visiting the UIDAI website, enrolment centre, Aadhaar Seva Kendra (ASK), or through m-Aadhaar.
8% complaints were related to Android Mobile Malware, where scammers trick users into installing malware by social engineering them into clicking on suspicious links.
In 2023, a total of 13,10,329 online financial frauds were reported.
“A lot of online frauds also originate outside India in nations like Myanmar, Cambodia, Dubai, and China,” Kumar was quoted as saying by Hindustan Times.
The I4C identified the following types of international-origin scams that were reported through government channels in 2023:
38% complaints were related to investment scams or job fraud, where digital ads are shown to the victim offering work-from-home job opportunities, high-paying jobs, etc. Initially, the victims are paid as promised and then they are tricked into reinvesting that amount or more.
23% complaints were related to illegal loan apps, where the borrower is harassed and extorted using the victim’s data as collateral.
21% complaints were related to illegal gaming or crypto scams
11% complaints were related to romance scams
7% complaints were related to ransomware attacks and hacking
In 2023, a total of 1,41,056 social media-related cybercrimes were reported.
A Few Steps Taken by the Government
“One of our strategies to prevent crime is to prevent the communications and financial channels used by cyber fraudsters. They use telephone and internet to communicate and banking channels to siphon money out of the system,” Kumar said.
“To that end, the Department of Telecommunications, Ministry of Electronics and Information and Technology, the RBI, and banks have been extensively cooperating with us,” he added.
1. Recovering defrauded money: Once a scam is reported, the CFCRMS system helps to block defrauded money within the financial channels, which increases the chances of recovery, according to I4C CEO Rajesh Kumar.
-
In 2021, 6.73% or ₹36.38 crore of defrauded money was marked as lien amount.
-
In 2022, 7.35% or ₹169.04 crore of defrauded money was marked as lien amount.
-
In 2023, 12.32% or ₹921.59 crore of defrauded money was marked as lien amount.
“If a complaint is received within one hour of the scam taking place, also known as the Golden Hour, then the chances of recovering the defrauded money increase,” Kumar said. During the Golden Hour, the cyber criminal is unable to fully retrieve the defrauded money as the amount would still be within the financial channels, he added.
Another benefit of the CFCRMS is that it helps us identify ‘mule accounts’, Kumar pointed out. Mule bank accounts are where the defrauded money is initially transferred.
Here’s how the CFCRMS system works.
2. Going on a blocking spree: The I4C revealed that it took the following blocking measures in 2023:
-
2,95,461 fake SIM cards were blocked. Odisha, West Bengal, and Assam have emerged as hotspots where fake SIM cards are issued.
-
46,000 IMEI devices were blocked. Here IMEI stands for International Mobile Equipment Identity. It is a 15-digit number that uniquely identifies an individual mobile device. You can check your phone’s IMEI number by dialing *#06#
-
2,810 phishing websites/URLs and 595 mobile applications were blocked under Section 69A of the Information Technology (IT) Act, 2000.
Pratibimb, a cybercrime heat map of Jharkhand.
3. Tracking live location of cyber criminals: “The I4C and Joint Cybercrime Coordination Teams (JCCT) Jamtara in Jharkhand have launched the ‘Pratibimb’ platform which not only aggregates data but also employs geospatial mapping to pin-point the physical locations of mobile numbers associated with cybercrimes,” according to a press release.
Over 400 arrests have been made in last one month by Jharkhand Police using the Pratibimb platform. This platform will be expanded nationally to eliminate hotspots of cyber crimes, the press release stated.
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)