📱 Part 2.4

Online Frauds & Emerging Scam Ecosystem

"Real-world crime patterns lawyers actually see"

Master the technical mechanics and legal framework of modern cyber frauds — from UPI scams to digital arrest. Learn recovery strategies that actually work.

4.1

Financial & Banking Frauds

📊 Scale of the Problem

₹10,000+ crore lost to cyber fraud in 2023-24. Over 60,000 complaints daily on 1930 helpline. UPI frauds alone account for 40% of all cyber crime complaints.

As a cyber law practitioner, financial fraud cases will form the bulk of your practice. Understanding the technical mechanics is essential for effective representation.

A. UPI Frauds — The Most Common Cyber Crime

📥
Collect Request Fraud
Fraudster sends "collect" request disguised as incoming payment. Victim enters PIN thinking they're receiving money.
S.66D IT Act S.318 BNS
📸
Fake Payment Screenshot
Fraudster shows fake payment confirmation screenshot, takes goods/services without actual payment.
S.66D IT Act S.336 BNS
📱
QR Code Scam
"Scan to receive payment" — victim scans QR code, enters PIN, money debited instead of credited.
S.66D IT Act S.318 BNS
☎️
Fake Customer Care
Fraudster poses as bank/UPI app support, obtains OTP/PIN under guise of "verification".
S.66C IT Act S.66D IT Act
🔍 Anatomy of UPI Fraud
Understanding How Collect Request Fraud Works
1
Contact Established
Fraudster contacts victim via OLX, social media, or cold call claiming to buy/sell something.
2
UPI ID Obtained
"I'll send you the payment, give me your UPI ID" — victim shares UPI ID thinking they'll receive money.
3
Collect Request Sent
Fraudster sends COLLECT request (not payment). Victim sees notification that looks like incoming payment.
4
PIN Entry Trick
"Enter your PIN to accept payment" — victim doesn't realize entering PIN ALWAYS authorizes OUTGOING payment.
5
Money Gone
Money instantly debited. Often repeated multiple times ("didn't work, try again") before victim realizes.
⚖️ Key Legal Point

Critical Understanding: Entering UPI PIN ALWAYS authorizes outgoing payment, never incoming. This is the technical design of UPI. No legitimate scenario requires PIN entry to RECEIVE money.

Use this in client counseling and victim awareness. Many victims feel foolish — explain this is a design vulnerability exploited by sophisticated criminals.

B. SIM Swap Fraud

🔄 SIM Swap — High-Value Fraud

Mechanism: Fraudster obtains duplicate SIM of victim's number by visiting telecom store with fake ID. Once activated, all OTPs come to fraudster's phone.

Impact: Complete takeover of victim's banking — can drain accounts, take loans, make purchases. Losses often in lakhs/crores.

📋 SIM Swap Process
1
Information Gathering
Phishing/social engineering to obtain victim's personal details, Aadhaar, bank details.
2
Fake ID Created
Forged documents prepared with victim's details but fraudster's photo.
3
SIM Replacement
Fraudster visits telecom store, claims SIM lost, gets replacement. Victim's SIM goes dead.
4
Account Takeover
All OTPs now come to fraudster. Drains bank accounts, takes loans, maxes credit cards.
⚖️ Practitioner Strategy

Include Telecom Company in Civil Suit: SIM swap involves negligent KYC verification by telecom company. They issued replacement SIM without proper verification.

Evidence to Obtain: CCTV footage from telecom store, SIM swap application form, KYC documents submitted, call records showing SIM activation time.

RBI Circular: If bank processed transactions after customer reported SIM inactive, bank may share liability under RBI's customer protection guidelines.

C. OTP Interception & Mule Accounts

📲
OTP Forwarding Apps
Victim tricked into installing "banking app" that forwards all SMS to fraudster's server.
S.66 IT Act S.43 IT Act
🏦
Mule Accounts
Innocents convinced to let their accounts be used for "business transactions" — money laundering.
S.66D IT Act S.61 BNS (Abetment)
📋 Case Study
The Innocent Money Mule — Defence Strategy

Facts: College student promised ₹5,000/month to let his account be used for "import-export business". Fraud money routed through his account. Police arrest him.

Prosecution Argument: Account holder is abettor (S.61 BNS), knew or ought to have known transactions were fraudulent.

Defence Strategy:

• Establish lack of mens rea — client genuinely believed it was legitimate business

• Show client was himself a victim of deception

• Client received minimal benefit (₹5,000) compared to amounts transacted (lakhs)

• No communication with actual victims

• Cooperated with investigation, provided all information about recruiter

4.2

Social Engineering Scams

🧠 Psychology of Deception

Social engineering exploits human psychology, not technical vulnerabilities. Key triggers:

Trust: Impersonating authority figures (police, bank, government)

Fear: "Your account will be blocked", "You're under investigation"

Urgency: "Act now or lose everything", "Limited time offer"

Greed: "You've won lottery", "Investment returns 50%/month"

Phishing / Vishing / Smishing

Type Medium Common Pretext Sections
Phishing Email, Fake websites Bank verification, KYC update, prize notification S.66C + S.66D
Vishing Voice calls Bank officer, customer care, police S.66D + S.319 BNS
Smishing SMS OTP sharing, link clicking, KYC expiry S.66C + S.66D
Spear Phishing Targeted email CEO fraud, vendor impersonation S.66D + S.318 BNS
🚨 2024 Epidemic
"Digital Arrest" Scam

Fraudsters impersonate CBI, ED, Narcotics Bureau, or Customs officers. Claim victim is implicated in money laundering, drug trafficking, or national security case.

Modus Operandi: Video call showing fake police station background, forged arrest warrants, "case numbers", even fake Supreme Court orders. Victim kept on video call for hours/days ("digital arrest") while transferring money to "clear their name".

Losses: Often ₹50 lakh to ₹5 crore per victim. Targets educated professionals, businesspeople, NRIs.

  • No concept of "digital arrest" exists in Indian law
  • Real police NEVER ask for money to "settle" cases
  • Real police don't conduct investigations via video call
  • Real warrants are served physically, not shown on screen
  • Courts don't issue orders over WhatsApp
  • If in doubt, visit nearest police station physically
✅ Legal Sections for Digital Arrest Scam

IT Act: S.66C (identity theft) + S.66D (cheating by personation)

BNS: S.319 (cheating by personation) + S.318 (cheating) + S.351 (criminal intimidation) + S.308 (extortion) + S.204 (impersonating public servant — specific offence, 3 years)

If Organised: S.111 BNS (organised crime) — these scams typically involve international syndicates

⚖️ Victim Support Note

Psychological Impact: Digital arrest victims often suffer severe psychological trauma — they genuinely believed they were under arrest, feared for their family, sometimes kept awake for 48+ hours.

PTSD, anxiety, depression common. Some victims attempt suicide due to shame and financial ruin.

As counsel: Be sensitive. Connect with mental health support. Many victims are reluctant to report due to embarrassment — reassure them this is sophisticated crime, not their fault.

4.3

Investment & App-Based Frauds

💰 The Get-Rich-Quick Trap

Promise of unrealistic returns (30-50% monthly), AI-powered trading, crypto mining, forex signals. Victims often educated professionals seduced by greed and FOMO.

Pattern: Initial small "profits" shown to build trust → victim invests larger amounts → withdrawal blocked → app/website disappears.

A. Stock Market App Scams

📈 Anatomy of Fake Trading App Scam
1
Social Media Hook
Ads showing luxury lifestyle, testimonials of huge profits. Often via Instagram, YouTube, Telegram.
2
App Installation
Victim downloads "trading app" (not from Play Store). App shows fake market data, fake portfolio growth.
3
Initial Profits
Small investment shows excellent "returns". Victim allowed to withdraw to build trust.
4
Scaling Up
"Invest more to earn more". Victim puts in life savings, takes loans, borrows from family.
5
Exit Scam
Withdrawal requests denied ("tax payment required", "verification pending"). Eventually app stops working.
📊 SEBI Angle

SEBI Violations: Operating as unregistered investment advisor, unregistered stock broker, market manipulation (showing fake prices).

Action: File complaint on SEBI SCORES portal in addition to police FIR. SEBI can freeze accounts, issue investigation orders.

B. Crypto & Fake Trading Platforms

Fake Crypto Exchanges
Websites mimicking Binance, WazirX. Victim deposits crypto/money, cannot withdraw.
S.66D IT Act S.318 BNS
🐷
Pig Butchering
Romance + investment fraud. Victim "fattened" through fake relationship, then "slaughtered" financially.
S.66D IT Act S.318 BNS
🔺
Crypto Ponzi Schemes
"Guaranteed returns" from crypto mining/trading. Early investors paid from later investors' money.
PCPNMCS Act S.66D IT Act
💹
Fake Forex Trading
Unregulated forex platforms promising huge returns. Often violate FEMA regulations.
FEMA violations S.66D IT Act

C. Task/Part-Time Job Frauds

👆 "Like Videos, Earn Money" Scam

Target: Students, homemakers, unemployed youth looking for part-time income.

Modus Operandi:

1. "Like YouTube videos, earn ₹50 per like" — initial tasks actually pay

2. "Upgrade to premium membership for bigger tasks" — victim pays ₹500-5,000

3. "Combo tasks with higher returns" — victim invests more

4. "Complete deposit before withdrawal" — endless cycle

5. Eventually blocked, money gone

Sections: S.66D IT Act + S.318 BNS + S.420 (if old IPC FIR)

📋 Case Study
E-Nuggets Gaming App — ₹1,000 Crore Fraud

Facts: Mobile gaming app promised users money for playing games. 5 lakh+ users. Initially paid small amounts, then required "deposits" for withdrawal. App shut down, promoters absconded.

Legal Action:

• Multiple FIRs across states under S.66D IT Act, S.420 IPC

• ED investigation under PMLA (money laundering)

• SEBI investigation (marketed as investment)

• Freeze orders on bank accounts, crypto wallets

Lesson: Large-scale app frauds require multi-agency approach.

4.4

Legal Mapping & Charge Framing

⚖️ Selecting the Right Sections

Online fraud cases involve multiple possible sections. Selection depends on: (1) How deception was executed, (2) What was stolen, (3) Who was targeted, (4) Scale of operation.

Master Legal Mapping Table

Conduct IT Act BNS Bailability
Using another's credentials S.66C S.319 Bailable (3 yrs)
Cheating via computer resource S.66D S.318/319 Bailable (3 yrs)
Unauthorized computer access S.66 Bailable (3 yrs)
Impersonating public servant S.66D S.204 3 years
Extortion (threatening to harm) S.308 Non-bailable (7 yrs)
Introducing malware/virus S.66 + S.43 S.324 (mischief) Bailable
Organised fraud syndicate S.66D S.111 Non-bailable (Life)
⚖️ Strategic Considerations

For Prosecution/Complainant:

• Include IT Act + BNS sections for comprehensive coverage

• Add PMLA if amounts large (₹1 crore+) — ED has better recovery powers

• Include S.111 BNS if evidence of organised operation

For Defence:

• Challenge duplicate charges for same conduct (S.20 BNS, Art.20(2))

• Argue special law (IT Act) should prevail where applicable

• Attack jurisdiction if accused in different state than victim

• Focus on bail — most IT Act sections are bailable

RBI Circular on Customer Liability (2017)

🏦 Zero Liability Framework

RBI/2017-18/15 dated July 6, 2017 — Critical for banking fraud cases:

Zero Liability: Customer has zero liability if:

• Contributory fraud/negligence by bank

• Third-party breach where deficiency is neither bank's nor customer's

• Customer notifies bank within 3 working days

Limited Liability (₹10K-₹25K): If customer delays reporting beyond 3 days but within 7 days

Bank Obligation: Credit amount within 10 working days if reported within 3 days

Use This: File RBI Ombudsman complaint alongside police FIR. Banks often settle to avoid regulatory action.

Multi-Agency Approach

Agency When to Approach Portal/Contact
NCRP (1930) All cyber crimes — first point of contact 1930 / cybercrime.gov.in
RBI Ombudsman Bank negligence, unauthorized transactions cms.rbi.org.in
SEBI SCORES Investment fraud, unregistered advisors scores.gov.in
ED Large frauds (₹1Cr+), money laundering Via police/court
EOW High-value frauds, corporate frauds State EOW
4.5

Client Advisory — Recovery vs. Prosecution

💬 The Question Every Client Asks

"Can I get my money back?"

Honest answer: Criminal prosecution rarely recovers money. Recovery rate is 5-10% at best. Money moves through multiple accounts, often internationally, within minutes.

But we pursue multiple tracks to maximize chances.

Recovery Options Matrix

Option Best For Recovery Chance Timeline
Criminal (FIR) Justice, deterrence, insurance claims Low (5-10%) Years
RBI Ombudsman Bank negligence cases Medium-High 30-90 days
Civil Suit Known defendant with assets Medium 1-3 years
Consumer Forum Bank/telecom service deficiency Medium 6-12 months
⏱️ Golden Hour Protocol — First 30 Minutes

Speed is everything. Money moves through accounts within minutes. Here's the protocol:

1
Call 1930
National Cyber Crime Helpline — can freeze recipient accounts
2
Call Bank
Report fraud, request transaction reversal, block cards
3
Online Complaint
cybercrime.gov.in — generates tracking number
4
Preserve Evidence
Screenshot everything before it disappears
5
Engage Lawyer
For FIR follow-up and legal strategy
Setting Realistic Expectations

What You CAN Promise:

• Proper documentation and filing

• All available channels explored

• Regular follow-up with authorities

• Best possible legal strategy

What You CANNOT Promise:

• Guaranteed recovery of money

• Arrest of accused (especially if abroad)

• Quick resolution

• Specific timeline for investigation

📋 Evidence Preservation Checklist

Transaction Evidence:

• Bank statement showing debit

• UPI transaction IDs

• Screenshots of payment confirmations

Communication Evidence:

• WhatsApp chat exports (with media)

• Call recordings if available

• Email headers (for tracing)

• SMS screenshots

Fraudster Details:

• Phone numbers used

• UPI IDs / account numbers

• Website URLs (archive before they disappear)

• Social media profiles

• App names and screenshots

🎯 Key Takeaways — Part 2.4

  • UPI frauds most common — entering PIN ALWAYS authorizes outgoing payment
  • SIM swap involves telecom negligence — include telecom company in civil suit
  • "Digital arrest" has no legal basis — it's sophisticated psychological manipulation
  • Investment app frauds follow predictable pattern: trust building → scaling → exit scam
  • Legal mapping requires IT Act + BNS combination for comprehensive coverage
  • RBI 2017 circular provides zero liability if reported within 3 days — crucial for bank fraud cases
  • Multi-agency approach most effective: NCRP + RBI Ombudsman + SEBI (where applicable)
  • Set realistic expectations — criminal prosecution rarely recovers money
  • Golden hour reporting critical — call 1930 immediately for fund freeze
  • Evidence preservation determines case outcome — collect before it disappears

📝 Quick Assessment — Part 2.4

1. In UPI collect request fraud, victim loses money because:
Correct: B. UPI is designed so PIN entry ALWAYS authorizes outgoing payment. Fraudsters exploit victim's confusion about this.
2. "Digital arrest" in Indian law:
Correct: C. There is NO concept of "digital arrest" in Indian law. It's purely a scam technique using psychological manipulation.
3. Under RBI 2017 circular, if fraud reported within 3 days and customer not negligent:
Correct: A. RBI circular provides ZERO liability if third-party breach, customer not negligent, and reported within 3 working days.
4. For fake trading app scams, most effective complaint strategy:
Correct: D. Multi-agency approach most effective: NCRP for criminal action, SEBI for regulatory action against unregistered investment activity, RBI if bank accounts involved.
5. "Golden hour" in cyber fraud refers to:
Correct: B. "Golden hour" = critical first hours after fraud when calling 1930 helpline can trigger fund freeze before money is withdrawn/transferred further.