Incidents of cyber fraud and data breaches have increased at such an alarming pace that earlier this week, M Rajeshwar Rao, deputy governor of the Reserve Bank of India (RBI), asked banks to improve their customer grievance mechanism and provide the right support to those who are affected. This column has repeatedly warned readers about the many ways in which people are duped—this is because, notwithstanding RBI's exhortation, it is law enforcement agencies who have to deal with fraud. The current level of infrastructure and trained personnel are simply too tiny to be able to deal with rising incidents and innovative ways in which this crime is committed.
The numbers for cybercrime detection in Mumbai, the country's financial capital, alone reveal the woeful shortfall. Remember, Mumbai perhaps has the best law infrastructure to deal with cybercrime. Between 2018 and 2022, the registration of cybercrime cases jumped nearly two and a half times from 1,375 to 4,723. Of these, cases relating to credit card fraud and cheating soared six-fold from 461 in 2018 to 3,490 in 2022, according to Praja Foundation's annual report on 'Status of Policing and Law & Order Issues in Mumbai'.
Specifically, in 2022, citizens of Mumbai registered 4,723 cases of cybercrimes. However, the report shows that only 8% of 375 cases were detected and 568 persons were arrested by the Mumbai police in 2022.
In other words, 92% of the victims who have filed cases are unlikely to get back the money that is looted by cybercriminals.
According to the report, phishing, hacking or Nigerian fraud cases also increased from 11 to 38 in the same period, while fake social media profiles, morphing emails and SMS cases more than doubled from 46 to 141.
"There is a 22% shortage of the officers involved in the investigation, such as police inspector (PI), assistant police inspector (API), and police sub-inspector (PSI) as of July 2023. The pendency of cases for forensic examination directly impacts the time taken and quality of investigation of cases. Moreover, the cases pending at the end of 2022 was as high as 25,392, with an increase of 85% from 13,727 in 2016," the report says.
As RBI's warning indicated, the low level of detection of cybercrimes is made worse by poor or non-existent grievance.
According to Mr Rao, customers today face threats from technology-induced frauds such as fraudulent apps, breach of privacy and deep fakes. "Even mis-selling has emerged in a digital avatar now - called dark patterns. Dark patterns are design interfaces and tactics used to trick users into desired behaviour, such as availing high-cost short-term consumer credit masquerading as an instant loan. We must work hard, work smart and work together to protect the customer from these threats to retain and strengthen their trust."
Unfortunately, Mr Rao says, it appears that the efforts of the banks to provide timely solutions to customer grievances have not kept pace with the explosion in technology and products. "While banks are hugely invested in forging new and innovative ways of customer acquisition, very little thought seems to be going on improving the customer grievance redress mechanisms," he pointed out.
Even the much-touted national cybercrime reporting portal (
https://cybercrime.gov.in/ ) or toll-free number of 1930 is proving to be not easily accessible when needed most by the victims. A simple search on the internet or X (erstwhile Twitter) will show difficulties faced by victims while trying to reach the portal and calling the 1930 number.
A
report in the Indian Express says, it called the 1930 helpline number at least 15 times between August, September and October, but got through only twice and, in many of the instances, there was an automated response following which the line was cut with the message 'line busy'. "This has been the story of several Mumbaikars who had called up 1930—a country-wide cyber-crime helpline number, after being victims of frauds. Mumbai, considered the financial capital of the country, is plagued by cyber crimes with lakhs of rupees estimated to be lost daily to fraudsters calling from various parts of the state."
An officer from the Maharashtra cyber cell told the newspaper that they have 23 lines (for 1930 number) and have struggled to get manpower to take those calls. Initially, the cyber police used employees from the Maharashtra State Security Corporation (MSSC). They left after the cyber police did not pay remuneration in time, the report says.
From the above-information, it becomes clear that the burden to safeguard personal details and money falls squarely on the end-user or customer. In cybercrime-related cases, the detection rate is too low and without any effective grievance redress mechanism, the victim is left to bear the loss or suffer the consequences like running from pillar to post to get justice.
So, what is your best alternative? One option is to stay alert and remain cautious, especially for financial transactions.
You can also significantly reduce the risk of cyber fraud by following a few suggestions…
• Create complex passwords using a combination of letters, numbers and symbols.
• Avoid using easily guessable information, such as your name, date of birth, or common words.
• Use a unique password for each of your accounts.
• Whenever possible, enable two or multi-factor authentication for all accounts. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your mobile device.
• Be cautious when clicking links or downloading attachments from unexpected or suspicious emails, messages, or websites.
• Verify the legitimacy of emails, especially those requesting sensitive information or financial transactions.
• Be extra cautious about sharing personal information on social media or with an unknown caller.
• Be sceptical of unsolicited communication, even if it appears to be from a trusted source.
• Be mindful of the information you share online, including on social media platforms.
• Avoid oversharing personal details that could be used for social engineering attacks.
• Regularly review your bank and credit card statements for any unauthorised transactions and immediately report any discrepancies to the bank or financial institution.
Stay Alert, Stay Safe!