The recent incident involving traveller Bhargavii Mani marks the alarming rise of cybercrime in India, particularly through sophisticated scams exploiting social engineering and technical vulnerabilities. As of 2024, the Indian digital landscape is fraught with risks, with citizens losing substantial amounts to online fraud.
About Cybercrime Tactics
Cybercriminals often employ a combination of social engineering and technical prowess to deceive victims. In Mani’s case, she was lured into downloading a malicious APK disguised as a legitimate app. Social engineering tactics, such as impersonating customer service representatives, are commonly used to create a sense of trust. This method is not new; in fact, it has been around since the early days of the internet but has evolved with technology.
The Role of Big Tech Platforms
Big Tech platforms can inadvertently facilitate cybercrime by allowing malicious links to appear in search results. The fraudulent website, which mimicked a legitimate service, was one of the top results on Google, demonstrating a gap in the verification processes of such platforms. Interestingly, Google’s algorithms have been known to struggle with distinguishing between legitimate and fraudulent sites, especially when the latter is newly created and quickly optimised for search visibility.
How Malicious APKs Function
The malicious APK downloaded by Mani gained access to her device through screen mirroring, a feature that can be exploited if users are not cautious. While Apple’s iOS has strict protocols preventing direct app downloads from unverified sources, users can enable beta testing features that may expose them to risks. This marks a lesser-known fact – while iOS is generally more secure than Android, no system is entirely immune to exploitation if users are not vigilant.
Call Forwarding and Its Implications
Once the APK was installed, scammers likely enabled call forwarding on Mani’s device. This technique allows them to intercept one-time passwords (OTPs) and other sensitive communications, facilitating unauthorised transactions. The method of call forwarding is not just limited to mobile networks; it can also be manipulated through various apps designed to manage phone settings, showcasing the technical sophistication of modern scams.
The Broader Cybercrime Landscape in India
India is experiencing an alarming increase in cybercrime incidents. In 2023, citizens reported losses of ₹66.66 crore across nearly 5,000 cases. The Indian Cybercrime Coordination Centre (I4C) reported that digital financial frauds have reached ₹1.25 lakh crore over three years. This surge is exacerbated by widespread data breaches, with India ranking fifth globally in compromised accounts. The intricate web of scams is often facilitated by leaked personal data, making individuals more vulnerable.
Best Practices for Online Safety
To mitigate the risk of falling victim to cybercrime, users should adopt best practices such as verifying links before clicking, avoiding downloads from untrusted sources, and regularly monitoring financial statements for unauthorised transactions. Additionally, using password managers to check for compromised credentials can enhance online security. An often-overlooked measure is educating oneself about the latest scams and techniques used by cybercriminals.
Questions for UPSC:
- Discuss the impact of social engineering techniques on cybersecurity in India.
- Evaluate the effectiveness of current regulations in combating cybercrime.
- Analyse the role of Big Tech companies in facilitating or preventing online scams.
- What measures can individuals take to protect themselves from cyber fraud?
- Examine the trends in cybercrime in India and their implications for national security.
