General Knowledge

Cybercrime in India: Rising Threats, AI Scams & Legal Reforms You Need to Know

23 July 2025
ASHISH HANSDA

Cybercrime in India: A Growing Menace from Southeast Asia

According to the Ministry of Home Affairs (MHA), a lot of the online scams that target Indians come from Southeast Asia. Over half of the about Rs 7,000 crore that was lost to online scams in the first five months of this year (January to May) were traced back to networks based in Myanmar, Cambodia, Vietnam, Laos, and Thailand. The Indian Cyber Crime Coordination Centre (I4C), which is part of the Ministry of Home Affairs (MHA), says that these scams are usually run from high-security places that are supposedly run by Chinese people. These are the places where trafficked people, including Indians, are forced to work.

Cybercrime in India: The Dark Side of Digital India’s Rapid Growth

The government’s most important scheme, “Digital India,” turned ten years old on July 1. Over the last ten years, India’s use of digital technology has changed in huge ways. It has become the digital economy that is growing the fastest. As it keeps growing, it has become a way of life for people who live there. But this digital revolution has also brought about some problems for both lawmakers and the security machinery. Cybercrime comes in many ways to meet these needs.

What is Cybercrime? A Simple Definition

A computer, communication device, or computer network is used to perform a crime or help someone else do it. This is what cybercrime is generally defined as.

Cybercrime has grown and changed in many ways. Some important types of hacking are:
  1. Phishing: This is a popular type of cyberattack that targets people through phone calls, emails, texts, and other ways of communicating with them. The goal of a phishing attack is to get the person who receives it to do what the attacker wants, like giving away private information like financial or system login credentials. At their core, these threats take advantage of weaknesses in people’s minds rather than in technology.
  2. Attacks with ransomware: This is a type of virus. It usually locks the system so that users can’t get to their files or the system. After getting a ransom demand from the attacker, the user is given access again. Without this, data is lost forever or, in some cases, made public.

India has seen a sharp 55% rise in ransomware attacks, with 98 cases being recorded in 2024. In May and October, most of these kinds of activities were mentioned. A study called “Ransomware Trends 2024: Insights for Global Cybersecurity Readiness” from CyberPeace, a non-profit organization that works to protect computers and networks, gave us the most recent numbers.

  1. Whale Phishing: This type of phishing is different from other types because it targets specific people. One difference between whaling and spear phishing is that whaling only goes after high-level employees of a company, while spear phishing usually goes after a group of less influential employees.
  2. Smishing is a type of cyberattack that attacks people through text messages or SMS. The word comes from the words “SMS” and “phishing.”
  3. Vishing, which is short for “voice phishing,” is when scammers call people and pretend to be official people, like bank employees, to get them to give them their OTPs or account information.
  4. Cyberstalking is when someone uses electronic communication to follow someone else or repeatedly tries to get in touch with them to start a conversation, even when that person makes it clear that they are not interested. Anyone who keeps an eye on someone else’s internet, email, or any other form of electronic communication is guilty of stalking.
  5. Identity Theft: Someone steals your identity when they use your personal information, like your bank account number and credit card number, without your permission to make money or commit scams. Thieves can use your information to get into your accounts, open new accounts without your permission, buy things without your knowledge, or even commit crimes.
  6. Ponzi and Investment Schemes: Apps and websites that promise unrealistically high returns and often don’t have to answer to any regulators are used to trick people into scams.
  7. Trojan horse: A Trojan horse is a harmful program that looks like a real one. Trojan horses are not viruses because they do not copy themselves, but they can be just as harmful. When Trojans get on your computer, they open a back door that lets bad people and programs in. This lets them steal your private and sensitive data.

Cybercrime in India: AI-Powered Cyber Threats: The New Age of Digital Deception

Cyber dangers have evolved into complex, AI-powered operations that are carefully planned to take advantage of weak spots in people.

  1. Targeted phishing: Attackers can use AI to scrape social media accounts and send phishing emails to specific people. For example, a worker in Bengaluru might get an email that looks like it came from a local job board and says Infosys has a high-paying job opening.
  2. Deepfake technology: Voices and videos made by AI are used in phishing calls to pretend to be people you know and trust. One example is that deepfake voice calls of CEOs have been used to authorize fraudulent money transfers in Indian businesses.
  3. Polymorphic malware: Phishing campaigns that use AI can use malware whose code is always changing, so it can get around standard antivirus programs.
  4. Chatbots for smishing: AI bots fake human exchanges on messaging apps like WhatsApp and Telegram, which makes scams seem more real.

Why Cybercrime in India is Rising Rapidly

Because of how quickly things are becoming digital, cyber dangers and digital risks have grown, and they are getting smarter every day. It’s a worry that digital theft is on the rise. Fraud is bad for the financial system because it hurts the system’s image, operations, and businesses. It also hurts customers’ trust, which can affect the system’s ability to stay stable. There is also a security issue with it. This means that in order to solve the cybercrime problem, we must first figure out what is causing the rise in cybercrime in India.

The exponential rise in the number of internet users is one of the main reasons why hacking is on the rise. Cybercriminals have more chances to take advantage of weaknesses as more people do their business, socialize, and do their jobs online. Attacks on computers have also become more complex. Criminals now use advanced methods like hacking, ransomware, and social engineering to get around security.

Cybercriminals now have a bigger target area because more people are working from home and spending more time online. A lot of people and businesses weren’t ready for how quickly things were going digital, which made their cybersecurity weak spots that were easy to attack.

Another reason is that cybercriminals can work from anywhere because the internet is anonymous and has no borders. This makes it hard for law enforcement to find crimes and bring them to justice. Fighting cybercrime is made harder by the fact that some areas don’t have strict cybersecurity rules or international cooperation.

India has many laws that cover how to deal with hacking. The Information Technology Act of 2000 includes crimes like hacking, smishing, and vishing and has punishments like jail time and fines.

Legal Framework and New Reforms to Combat Cybercrime

The Bharatiya Nagarik Suraksha Sanhita (BNSS), 2023, the Bharatiya Nyaya Sanhita, 2023, and the Bharatiya Sakshya Adhiniyam, 2023, got rid of the Indian Penal Code from the British era, the Code of Criminal Procedure, and the Indian Evidence Act. They also changed the way things work online and made cybercrime a bigger problem.

The three laws make it possible to register electronic First Information Reports (FIRs) and make electronic evidence the main way to prove something. Under the BNSS, 2023, it is legal to collect data to identify criminals. In addition, it says that all trials, investigations, and procedures can be done electronically. For an investigation, inquiry, or trial, electronic communication devices that are likely to hold digital evidence will be able to be produced.

It looks like the Bharatiya Sakshya Adhiniyam, 2023, is ready for the digital age. It calls computer records “documents.” Electronic records are called secondary evidence under the Indian Evidence Act. The new law, on the other hand, says that electronic records are the main evidence. It adds information saved in semiconductor memory or any communication devices, like laptops and smartphones, to these kinds of records.

Cybercrime in India: The Role of Technology in Investigating Cyber Offenses

The new rules make it easier to use technology to collect and present evidence more quickly and effectively. These changes to India’s laws will make both investigations and the court system easier, especially when it comes to cybercrime cases.

In the past few years, the government has also put more money into defense. But there are still problems. When funds are given out, they need to be used well, clearly, and be accountable. For a strong method, the government, business, and academia must work together.

Building a Secure Digital Future for India

It is also important for people, businesses, and governments to put safety first. This means putting money into strong security infrastructure, giving regular security training, and putting in place strict data protection measures. To successfully fight cybercrime on a global scale, it is also important to encourage countries to work together and share information and best practices.

This article is based on the original report published by The Indian Express on July 20, 2025, titled “UPSC Issue at a Glance | India’s Cybercrime Challenge: Rise and Response”, written by Roshni Yadav.

Leave a Reply

Your email address will not be published. Required fields are marked *