Protection from cybercrime: Cyber frauds – A new-age reality – Opinion News | #cybercrime | #computerhacker

By Pavan Duggal

Today, the online ecosystem has become an integral part of our lives, with a lot of dependence on the digital space. Covid-19 became a catalyst for increasing our reliance on the internet. But at the same time, Covid-19 also pushed in new users to the cyberspace without sensitising them about cybersecurity ramifications of what they did in the digital domain.

The Golden Age of cybercrime has emerged after the advent of Covid-19. During this time, online financial frauds became the de-facto norm. Today, online financial frauds have evolved into various avatars. These new kinds of frauds such as phishing and identity theft are being used to target naive internet users and potentially deprive people of their hard-earned money.

When one looks at the figures in this regard, they present a different picture. A survey conducted by private firm LocalCircles revealed that 42% of Indians surveyed experienced financial fraud in the past three years, and 74% of them failed to get the money back. “The value of online financial frauds ballooned from `2,296 crore in 2022 to `5,574 crore in 2023,” the Union home ministry recently informed the Parliamentary Standing Committee on Communications and Information Technology.

The average cost of a cyber breach in 2022 was $4.35 million. It is estimated that cybercrime cost the global economy around $7 trillion in 2022, and this number is expected to rise to $10.5 trillion by 2025. Globally,  nations and their populations are bleeding, thanks to the menace of online financial frauds. As per one estimate, the world is losing more than $6 trillion to cybercrimes every year and the figure is constantly growing. These figures are only telling us that the menace of online financial frauds will continue to grow unabated.

In this regard, when one looks at the legal frameworks, one realises that there is a big policy vacuum. New kinds of online financial frauds are emerging, but their coverage under the Indian law—the Information Technology Act, 2000—is not adequate. Most of the times, the law enforcement agencies are only trying to cover these online financial frauds under the ambit of cheating under Section 420 of the Indian

Penal Code and also cheating by personation by using computer resources under Section 66D of the Information Technology Act, 2000 with other offences. However, the Indian approach to regulating or preventing these online financial frauds has not been very effective. Consequently, users are losing their hard-earned money. The cybercrime conviction ratio for online financial frauds is very poor and as such, it leaves much to be desired.

The entire issue of detection, investigation, and prosecution of online financial frauds presents a huge challenge. India also does not have a dedicated legal framework or a dedicated court to deal with online financial frauds. In addition, one of the biggest challenges of these online financial frauds from the perspective of users is that they want their money back and in a majority of cases, once money is lost in online financial frauds, the same is not recovered. The Reserve Bank of India (RBI) issued a notification on July 6, 2017, mandating banks to pay back the amounts for all unauthorised transactions that occurred on their networks. However, banks have, by and large, been very hesitant to give effect to the said notification and want to come up with some procedural formalities one way or another. Consequently, we find that the RBI notification itself has not been effectively implemented.

Also, the tedious, long, and complex bureaucratic process that users have to follow to get their money back tends to dissuade a lot of them. People’s confidence in the ability of the system to help recover their money is being eroded. Such apathy and antipathy  will lead to bigger problems in the future. From the perspective of law enforcement agencies, these online financial frauds represent a non-priority area unless they run into lakhs and crores of rupees. The agencies themselves are not very amenable to register these frauds or matters connected therewith. The bitter reality of the law enforcement agencies’ incapacity to handle such issues has caused people to have second thoughts before approaching the authorities.

This ground reality highlights the need for India to have a holistic, new, and effective legal framework and approach to deal with online financial frauds. India requires special courts to deal with these cases, and we need to specifically expedite the process for processing them. Banks need to be encouraged to adopt cyber insurance so that they can effectively implement the RBI’s notifications. The central bank also needs to make sure that its notifications are effectively implemented and followed.

India needs to enhance the capacities of its cybercitizens by sensitising them about newly emerging frauds such as phishing and identity theft and key practical strategies that users need to adopt in order to protect themselves from becoming victims of the same. Raising digital awareness will ensure that the knowledge about the menace of increasing cyber frauds and how to safeguard themselves against the same is in the public domain.

From the perspective of users, due diligence has to be the only mantra while dealing with financial matters online. Together, we have to join hands in making Indian users more safe from the potential harm of online financial frauds. All eyes are on the government as well as the private sector on how they will proceed in this direction.

The write is Advocate, Supreme Court of India; president, Cyberlaws.net; and chairman, International Commission on Cyber Security Law. Views expressed are personal.