Cyber Fraud in Banking Transactions

Syllabus: GS3/Cyber Security

Context

• According to a projection made by the Indian Cyber Crime Coordination Centre (I4C), Indians are likely to lose over ₹1.2 lakh crore (nearly 0.7% of the country’s GDP) over the next year due to cyber frauds.

Surges of Cyber Fraud in Banking Transactions

• In the fiscal year 2024, India witnessed a dramatic surge in cyber fraud related to banking transactions, with incidents tripling compared to the previous year. 
• According to the Reserve Bank of India’s (RBI) annual report, the number of frauds in the card and internet category skyrocketed to 29,082, accounting for 80% of all banking frauds.
  • It represents a staggering 334% increase from the 6,699 incidents reported in fiscal year 2023.

Types of Cyber Fraud – Phishing Attacks: Fraudsters use deceptive emails and websites to steal sensitive information such as passwords and credit card details. – Identity Theft: Criminals obtain personal information to impersonate individuals, leading to financial and reputational damage. – Online Scams: These include lottery scams, job frauds, and fake online shopping websites that trick victims into parting with their money.

Key Factors Behind the Surge

• Increased Digitisation: The rapid adoption of digital payment methods, including credit cards and online banking, has created more opportunities for cybercriminals.
  • As more people rely on these digital channels, the vulnerabilities within these systems have become more apparent.
• Sophisticated Cyber Attacks: Cybercriminals have become more adept at exploiting weaknesses in digital payment systems.
  • Techniques such as phishing, identity theft, and the use of malicious software have become more prevalent, allowing fraudsters to gain access to sensitive personal information.
• Behavioural Vulnerabilities: Many frauds occur due to human error, such as sharing passwords or falling for phishing scams.
  • Senior citizens, in particular, are often targeted due to their lack of familiarity with digital security practices.

Financial Impact

• The financial impact of these frauds has been significant. In fiscal year 2024, the total value of card and internet frauds reached ₹1,457 crore, the highest amount recorded in the past six years.
• It highlights the need for enhanced security measures and greater awareness among consumers.

Regulating Cyber Fraud in India

• With the rapid digitisation of services and the increasing reliance on the internet, cyber fraud has emerged as a significant threat in India. 
• It involves a comprehensive legal framework designed to prevent, detect, and penalise cybercrimes.

Key Legislative Measures

• Information Technology Act, 2000 (IT Act): It provides legal recognition for electronic transactions and aims to facilitate e-commerce and addresses various cybercrimes, including hacking, identity theft, and cyber terrorism. Key sections relevant to cyber fraud include:
  • Section 66C: Punishment for identity theft.
  • Section 66D: Punishment for cheating by personation using computer resources.
  • Section 43: Penalty for damage to computer systems.
• Indian Penal Code (IPC), 1860: It includes provisions that address cyber fraud like:
  • Section 420: Cheating and dishonestly inducing delivery of property.
  • Section 468: Forgery for the purpose of cheating.
  • Section 471: Using as genuine a forged document.
• Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021: These rules mandate intermediaries, such as social media platforms, to exercise due diligence and ensure the safety and security of users.
  • They require intermediaries to report cyber incidents to the Indian Computer Emergency Response Team (CERT-In).

Regulatory Bodies and Initiatives

• Indian Cyber Crime Coordination Centre (I4C): Established under the Ministry of Home Affairs, I4C aims to combat cybercrime in a coordinated manner.
  • It provides a platform for law enforcement agencies to collaborate and share information on cybercrime.
• Cyber Swachhta Kendra: This initiative by CERT-In focuses on creating awareness about cybersecurity and providing tools to detect and remove malicious software from devices.
• National Cyber Security Policy, 2013: It outlines strategies to protect the public and private infrastructure from cyber threats. It emphasises the need for a secure and resilient cyberspace.
• National Cyber Crime Reporting Portal: It allows citizens to report various types of cybercrimes, including financial fraud and crimes against women and children.

Challenges in Combating Cyber Fraud in India

• Rapid Technological Advancements: The fast pace of technological change makes it difficult for laws to keep up with new types of cybercrimes.
• Resource Constraints: Many organisations, especially small and medium-sized enterprises (SMEs), lack the resources to implement robust cybersecurity measures. It makes them easy targets for cyber criminals.
• Coordination Among Agencies: Effective cybersecurity requires coordination among various government agencies and departments, private sector entities, and international partners. However, it is often lacking, leading to fragmented efforts and inefficiencies.
• Jurisdictional Issues: Cybercrimes often transcend national borders, complicating the enforcement of laws.
• Lack of Awareness: Many individuals and businesses are unaware of the risks associated with cyber fraud and the measures to prevent it.

Measures to Combat Cyber Fraud

• Enhanced Security Protocols: Banks and financial institutions need to implement stronger security protocols to protect against cyber attacks.
  • It includes multi-factor authentication and advanced encryption techniques.
• Regulatory Oversight: The RBI and other regulatory bodies must continue to monitor and enforce compliance with cybersecurity standards.
  • Regular audits and assessments can help identify and mitigate potential risks.
• Consumer Education: Educating consumers about the risks of cyber fraud and how to protect themselves is crucial.
  • Awareness campaigns can help individuals recognize and avoid common scams.

Conclusion

• The surge in cyber fraud in fiscal year 2024 underscores the urgent need for robust cybersecurity measures in the banking sector.
• As digital transactions continue to grow, both financial institutions and consumers must remain vigilant to protect against these evolving threats.

Source: TH