Job Frauds, Sextortion Scams: What 2023 Cybercrime Trends Looked Like in India

KYC expiry fraud was one of the most common types of local-origin scams flagged by Indians in 2023, followed by sextortion and QR code scams, according to data presented on Wednesday, 3 January 2024, by the Indian Cybercrime Coordination Centre (I4C) that operates under the aegis of the Union Ministry of Home Affairs.

But which state or union territory saw the least number of cybercrime complaints? How many Indians dial the cybercrime helpline number on a daily basis? And once a scam has been reported, how successful have banks been in recovering the defrauded amount? Take a look at the decoded data.

(The infographic will load below. Please wait for a couple of seconds if it hasn't loaded on your screen yet.)

Interestingly, a Distributed Denial-of-Service (DDoS) attack was launched against the official G20 Summit website at the time when the high-profile meet was being hosted by India in New Delhi. The G20 Summit website was pinged 1.6 million times in two minutes as a result of the cyberattack.

"The Telecom SOC, MHA and NIC were able to successfully defend the website," I4C CEO Rajesh Kumar said in a press conference on Wednesday, without revealing further details about the cyber criminals behind the attack or the country of origin.

In 2023, the total rate of cybercrimes in India stood at 129. What this number really means is that there were 129 complaints of cybercrimes (per 1 lakh Indian citizens) that were received on the National Cybercrime Reporting Portal.

"In some states, (the cybercrime rate) was higher than others but that could be due to various reasons (such as urbanisation and high population density)," Kumar said.

Here are the top 5 states that saw the most number of cybercrime complaints in 2023:

• Delhi = 755 complaints per 1,00,000 people

• Chandigarh = 432 complaints per 1,00,000 people

• Haryana = 381 complaints per 1,00,000 people

• Telangana = 261 complaints per 1,00,000 people

• Uttarakhand = 243 complaints per 1,00,000 people

In an attempt to ease the reporting of cybercrimes from all over India, the Centre has put the following mechanisms in place:

1. The National Cybercrime Helpline Number 1930: Dialing this helpline number can lead to the recovery of your money that was lost in a scam. So far, over Rs 1,100 crore siphoned off by cyber criminals has been saved, thus benefitting more than 4.3 lakh victims in three years.

The recovery is possible as over 243 banks, e-commerce companies, and other players have been integrated with the helpline system. The National Payments Corporation of India (NPCI), which facilitates services like UPI and FASTag, has also been integrated with the 1930 helpline system for "real-time prevention."

• The 1930 helpline receives over 50,000 calls every day.

• Over 12,12,063 calls were answered in December 2023 alone.

2. The National Cybercrime Reporting Portal (NCRP): More than 31 lakh cybercrime complaints have been registered on the NCRP (cybercrime.gov.in) since its launch in August 2019.

Out of these, over 66,000 First Information Reports (FIRs) have been lodged by law enforcement agencies of various states and UTs. This indicates that a complaint registered by the NCRP or through the helpline does not always lead to an FIR being lodged.

3. Crime and Criminal Tracking Network & Systems (CCTNS): "Complaints are made to the NCRP. From the NCRP, it is connected to the CCTNS and FIRs are issued on the basis of that," Kumar said.

Thanks to the CCTNS, a 100 percent of FIRs lodged in police stations are now digitised, according to Kumar. "When we talk about machine learning, data analytics and AI, this data is very important to us," he added.

• 99.9 percent of police stations (16,597) register FIRs directly on the CCTNS.

• 28.98 crore police records have been uploaded to the CCTNS so far.

4. National Automated Finger-Print Identification System (NAFIS): It is a identification system based on fingerprints. "Cyber criminals are very mobile, they are physically located in some part of the country and are arrested in other parts of the country. (NAFIS) facilitates identification of cyber criminals across the country," Kumar said.

• Over 1,05,80,266 fingerprint records have been uploaded on NAFIS so far.

5. National Cybercrime Threat Analytics Unit (NCTAU): Upon receiving inputs from various sources, the I4C uses the NCTAU model to analyse and undertake blocking of various websites, apps, etc, under Section 69A of the Information Technology (IT) Act, 2000.

It also uses the NCTAU to assist law enforcement agencies, undertake regulatory interventions, and issue advisories.

The I4C identified the following types of local-origin scams that were reported through government channels in 2023:

35% complaints were related to customer care number or refund or KYC expiry scams, where scammers posing as customer care agents or bank employees trick the victim into installing malware and intercept the OTPs sent to the mobile device.

24% complaints were related to sextortion scams, where the victim is told to pay up after being recorded watching pornography on answering a video call from an unknown number.

22% complaints were related to online booking, fake franchisee, or QR code scams, where scammers trick victims into scanning a QR code to essentially seize control of the device.

11% complaints were related to Aadhaar-Enabled Payment System (AePS) scams, where money from a victim's Aadhaar-linked bank account can be siphoned off by cloning their biometrics (no OTP required). Most of these scams are reportedly committed from Bihar and Jharkhand.

However, Aadhaar cardholders can lock their biometrics as a precautionary measure by visiting the UIDAI website, enrolment centre, Aadhaar Seva Kendra (ASK), or through m-Aadhaar.

8% complaints were related to Android Mobile Malware, where scammers trick users into installing malware by social engineering them into clicking on suspicious links.

The I4C identified the following types of international-origin scams that were reported through government channels in 2023:

38% complaints were related to investment scams or job fraud, where digital ads are shown to the victim offering work-from-home job opportunities, high-paying jobs, etc. Initially, the victims are paid as promised and then they are tricked into re-investing that amount or more.

23% complaints were related to illegal loan apps, where the borrower is harassed and extorted using their data as collateral.

21% complaints were related to illegal gaming or crypto scams.

11% complaints were related to romance scams.

7% complaints were related to ransomware attacks and hacking.

"One of our strategies to prevent crime is to prevent the communications and financial channels used by cyber fraudsters. They use telephone and internet to communicate, and banking channels to siphon money out of the system," Kumar said.

"To that end, the Department of Telecommunications, Ministry of Electronics and Information Technology, the RBI, and banks have been extensively cooperating with us," he added.

1. Recovering defrauded money: Once a scam is reported, the CFCRMS system helps to block defrauded money within the financial channels, which increases the chances of recovery, according to I4C CEO Rajesh Kumar.

• In 2021, 6.73% or ₹36.38 crore of defrauded money was marked as lien amount.

• In 2022, 7.35% or ₹169.04 crore of defrauded money was marked as lien amount.

• In 2023, 12.32% or ₹921.59 crore of defrauded money was marked as lien amount.

"If a complaint is received within one hour of the scam taking place, also known as the Golden Hour, then the chances of recovering the defrauded money increase," Kumar said. During the Golden Hour, the cyber criminal is unable to fully retrieve the defrauded money as the amount would still be within the financial channels, he added.

Another benefit of the CFCRMS is that it helps us identify 'mule accounts', Kumar pointed out. Mule bank accounts are where the defrauded money is initially transferred by scammers.

2. Going on a blocking spree: The I4C revealed that it took the following blocking measures in 2023:

• 2,95,461 fake SIM cards were blocked. Odisha, West Bengal, and Assam have emerged as hotspots where such fake SIM cards are sold.

• 46,000 IMEI devices were blocked. Here, IMEI stands for International Mobile Equipment Identity. It is a 15-digit number that uniquely identifies an individual mobile device. You can check your phone's IMEI number by dialing *#06#

• 2,810 phishing websites/URLs and 595 mobile applications were blocked under Section 69A of the Information Technology (IT) Act, 2000.

3. Tracking live location of cyber criminals: "The I4C and Joint Cybercrime Coordination Teams (JCCT) Jamtara in Jharkhand have launched the 'Pratibimb' platform which not only aggregates data but also employs geospatial mapping to pin-point the physical locations of mobile numbers associated with cybercrimes," according to a press release.

Over 400 arrests have been made in last one month by Jharkhand Police, using the Pratibimb platform. This platform will be expanded nationally to eliminate hotspots of cybercrimes, the press release stated.