Understanding Cyber Frauds, Digital Arrests & Protection Tips| SCC Times

Cyber-crime is not merely a technological disaster, as it stems from intentional human actions, pointed at tarnishing an individual’s dignity, liberty and peace of mind. With the rising instances of Digital “arrests” defrauding gullible people of their hard-earned money, it seems as though the common man is walking on a minefield!

With the growth of internet usage, online payments and UPIs, the necessity of comprehensive cyber laws has become quite evident, specifically to address issues such as financial frauds, cyber bullying, online stalking, sextortion and phishing. However, these laws can be constructive only if citizens follow vigilance and report cyber offences and spread awareness to dissuade cyber abuse.

A brief Intro to Cyber Law and Why We Need It

Cyber law encompasses legal principles, and statutory provisions that regulate Cyber space. Cyber Space refers to the vast domain of digital and computer-based, electronic environments, connected through electronic networks. It covers all the digital technology infrastructure such as computer systems, the Internet network, data storage devices (Hard disks, USB disks), open-source software, digital platforms (websites), electronic communications (email), and electronic communication devices like mobile phones and automated teller machines (ATM) etc.¹

Cybercrime: Meaning and Scope

Cyber-crime refers to any unlawful act that includes the use of any computer, digital devices, or any network as a means or source to commit fraud or any unlawful activities. The digital revolution has transformed India into the world’s largest online market. However, the rapid expansion has also led to a foreseeable spurt in Cyber-Threats and Cybercrimes, underscoring the urgent need for comprehensive legal and technological protection framework².

Types of Cybercrimes

1. Cybercrime against Individual: Also referred to as Digital identity theft and social media bullying, this category involves offences such as Email Spoofing, Cyber Stalking, Online Harassment.

Section 66-C of the Information and Technology Act, 2000 (IT Act)-Criminalises Identity Theft i.e., dishonest use of an individual’s electronic signature, password or any other unique identification feature. Section 66-D of the IT Act– Punishes Cheating by Personation by using computer resource. For example: Cases of OTP frauds.
Section 67 of the IT Act- Punishes and criminalises offences for publishing or transmitting obscene material in electronic form.
Section 72 of the IT Act– Acts as a shield against malpractice of uploading any personal information, revealing personal chats, photographs, financial status.

2. Cybercrime against Property: – It deals with any unauthorised use of payment card information to carry out fraudulent transactions, which are considered forms of financial fraud, and Credit Card fraud. It also covers intellectual property violations, copyright infringement, trademark contraventions and violation of software privacy.

Section 66-C of the IT Act, 2000- Criminalises digital identity theft and Section 66-D penalise Cheating by Personation by using computer resource.

3. Cybercrime against Organisation- Also referred to as data theft, any unauthorised illegal computer access and system intrusion, denying access to the authorised owner, introducing virus to damage computer’s data system, altering, deleting, modifying any data with computer source code.

Section 43 of the IT Act, 2000- Covers unauthorised data theft.

4. Cybercrime against Society — Also known as cyber terrorism and national security threats, this is considered as another form of data theft and is the most dangerous classification of all the cybercrimes. It includes Forgery and Document falsification, web jacking or unidentified access over websites, creation or alteration of any electronic files, it also includes the unlawful creation of currency notes, stamps and academic essentials using scanners and computers.

Section 66-F of the IT Act, 2000- Prescribes punishment for Cyber terrorism.

Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021: It mandates that the intermediaries or social media platforms such as Instagram, twitter, and Facebook, etc., must mark the reported content within 24-72 hours and provide needed assistance from law enforcement authorities.

The Emerging Threat of Digital Arrests

Digital Arrest is not a legally recognised form of detention but rather an orchestrated scam carried out by individuals posing as law enforcement officials (for example:- officials of Central Bureau of Investigation or Reserve Bank of India or directorate enforcement officer). These scammers maliciously accuse victims of committing a heinous crime, such as money laundering or fraud, and claim that the victim is under investigation. They then threaten the victim to pay a compliance amount or threatening that failure to do so would result in imprisonment.

The National Cyber Crime Threat Analytics Unit (NCTAU) and the Ministry of Home Affairs expressly shed light on having no lawful statutory provision to discern digital arrest.³

So far as digital Identity theft (Section 66-D of The IT Act) is concerned, the following provisions under Bhartiya Nyaya Sanhita, 2023 (BNS) can be invoked against such offenders:-

Section 111 BNS- Covers Organised cyber-crime, involving cyber mafias operating across borders.
Section 204 BNS (Section 170 IPC)- Covers impersonation of public official; Section 205 BNS (Section 171 IPC) covers wearing the garb or carrying the token of a public servant with fraudulent intent.
Section 351 (4) BNS (Section 507 IPC)- Prescribes punishment for criminal intimidation through anonymous communication.
Section 319 of the BNS (Section 416 IPC)- Covers Cheating by personation. While Section 318 of the BNS (Section 420 IPC) covers cheating.

Section 336 (1), (2) and (3) Section of BNS (Sections 463, 465 and 468 of the IPC)- Defines and penalises forgery. Recently, the Supreme Court addressed this form of Scam in Digital Arrest Suo Moto Case (2025)⁴, where a senior citizen couple from Ambala, Haryana, were defrauded of over 1 Crore by individuals impersonating as officials from CBI and ED officers. Justice Surya Kant and Joymalya Bagchi unanimously termed the offence as an “assault on the dignity of justice system” prescribing strict actions against such cyber criminals and directing for systematic digital forensic standard and measures.

The Indian Cyber-Crime Coordination Centre under the Ministry of Home Affairs has issued multiple many advisories against digital arrest scams. Directing individuals to not share personal and financial information with ⁵.

How Bhartiya Nyaya Sanhita (BNS 2023) can complement the IT Act 2000

Section 78 BNS, 2023- Defines the offence of stalking.

Section 79 BNS, 2023- Penalise for any words or conduct purposely used to insult the modesty of a woman.

Section 318 BNS, 2023- Deals with offences like cheating and financial fraud by personation.

These provisions make the BNS vastly applicable in majority cases of cyber-crime.

The main motive behind these complementary laws is to authorise remedies and protect rights of the victims of cyber fraud, harassment, and abuse, ensuring that they are not exposed to public scrutiny and their privacy remains intact.

Also Read: IT Rules 2025 Amendment: Strengthening Due Diligence for intermediaries against Deepfake and Unlawful Content

Ways to File a Cybercrime Complaint in India

In case of Cyber fraud, the first step is to ascertain whether it’s phishing, recognising theft, or financial scams as it can be distressing. Indian law has rationalised ways to report such crimes.

Before reporting any cybercrime, you have to firstly Identify the Nature of the Cyber Crime-

Financial fraud (e.g., UPI scams, credit card misuse) Identity theft or impersonation
Cyberstalking or online harassment Cyber Bullying (e.g. Publishing Obscene Pictures, Doxing, which refers to the act of publicly sharing and uncovering someone’s private, personal, or identifying information online without the knowledge of the aggrieved person. Often with an intention to harass, intimidate or expose).
Hacking or data breach

File Complaint Online via the National Cyber Crime Reporting Portal cybercrime.gov.in

Visit Online portal
Click on “register complaint”
Register using your mobile number and OTP
Fill the details of the incident
Collect Evidence
Submit and note your Complaint ID for tracking
There are two options for reporting cybercrimes on the portal⁶:
- Report Crime related to Women/ Child — Under this section, you can report complaints pertaining to online, (CSEAM) Child Sexual Exploitative and Abuse Material or sexually explicit content such as Rape/Gang Rape (RGR) content.
- Report Other Cybercrimes — Under this option, you can report complaints pertaining to cybercrimes such as mobile crimes, online and social media crimes, online financial frauds, ransomware, hacking, cryptocurrency crimes and online cyber trafficking.

Collection and Submission of Evidence while filing cybercrime complaint via Online Portal: the evidence may include the following⁷:

Credit card receipt
Bank statement
Envelope (if received a letter or item through mail or courier)
Brochure/Pamphlet
Online money transfer receipt
Copy of email
URL of webpage
Chat transcripts
Suspect mobile number screenshot
Videos
Images
Any other kind of document

Track Your Complaint Status After filing

Use your Complaint ID to track progress on the portal.
Follow up with local authorities if required.
Consult a cybercrime lawyer for better legal assistance.

How to file an Offline Complaint?⁸

Visit your Local Cyber Crime Cell or Police Station
Request to file a FIR (First Information Report)

If refused, Approach the Superintendent of Police or Judicial Magistrate [The Concept of Zero FIR in criminal law under section 154 of the CrPC, 1973 (Section 173(1) of BNSS, 2023)], is more efficient and effective way to make police bound to take jurisdiction immediately to avoid delay and enable the case to proceed fast and safe.

Use the Cyber Crime Helpline

In case for urgent financial frauds: One can dial 1930 (National Cyber Crime Helpline Number) Available for UPI scams, phishing, and debit/credit card frauds.
Taking help can block suspicious negotiations quickly.

Availing Remedies for Cybercrimes: Tips to take Note of

Report instantaneously especially in financial fraud cases.
Secure helpline numbers and bookmark the portal for quick access.
Stay informed about digital safety practices.

Notable Judgements: –

K.S. Puttaswamy (Privacy-9J.) v. Union of India, (2017) 10 SCC 1

K.S. Puttaswamy v. Union of India, is the landmark Judgment that laid the foundational ruling for right to privacy in the digital age under Article 21 of Constitution of India when the Aadhaar Scheme was being constitutionally challenged, with concerning issues related to data collection and surveillance. The Court unanimously held that privacy is intrinsic to the right to life and personal liberty under Article 21 of Constitution , encompassing informational anonymity and exclusivity in cyber grievance complaints.

Shreya Singhal v. Union of India, (2015) 5 SCC 1

The Supreme Court struck down Section 66-A of The Information Technology Act, 2000 in its entirety, declaring it unconstitutional for infringement of Article 19 (1) (a), the right to freedom of speech and expression. The Court observed that the provision is vague and creating chilling effect on free speech in cyber space due to the fear of arbitrary arrest for promulgating disturbing online content, by authorities. The Supreme court pondered upon the vagueness of this Section 66-A, being a part of penal statutes, failed to define the key terms and lacked objectivity in the standard. Resultantly, Court declared this provision void ab initio as it was inconsistent to meet the test of constitutionality.

Google India (P) Ltd. v. Visaka Industries, (2020) 4 SCC 162

In This case the Supreme Court analysed the scope and extent of Intermediary Liability, by interpreting Section 79 of the IT Act, 2000, granting restricted immunity to intermediaries such as Google. The dispute arose when some defamatory content was posted and published on a blogging platform, and the company was being sued for not deleting the data. The Supreme Court Held that although the intermediaries are not the first one to be liable for third- party content, they are obligated to act with due diligence and must remove the unlawful content upon receiving or being notified of actual knowledge by any competent trusted authority. This Judgment strengthen the duties and liabilities of digital media platforms under Section 79 of the IT Act, and to equalize freedom of expression with liability, held that immunity provided under Section 79 of the IT, Act is not absolute, but limited.

Shaviya Sharma v. Squint Neon, 2024 SCC OnLine Del 1445

The Plaintiff posted a tweet about a political figure, which triggered several malicious tweets exposing her private and professional information, including her image and contact details, and an email sent to her employer. The plaintiff alleged that this conduct constitutes doxing. the claim for anonymity of her information available online was dismissed as her name and profile picture was uploaded. However, the Court observed that, doxing is not particularly defined or criminalised in Indian law, but recognised as infringement of privacy. Despite the lack of complete anonymity, the Court found the online conduct to be harassing and ordered the removal of five identified objectionable posts from ‘X’ (Twitter).

Avnish Bajaj v. State (NCT of Delhi), 2004 SCC OnLine Del 1160

In “Bazee.com case” the CEO of an e-commerce organisation was being arrested for allegedly distributing indecent content. The case underscored the implicit duty of intermediaries concerning third-party content, led to follow due diligence. After examining Section 67 of the IT Act and Sections 292 and 294 of the IPC, the Court observed that, no direct or indirect publication of obscene material has been established by the accused. Within 38 hours the company removed the listing after discovering its illegality.

Also Read: IT Rules 2025 Amendment: Strengthening Due Diligence for intermediaries Against deepfake and Unlawful Content

Also Read: Intermediaries Complying with the requirements of Section 79 of IT ACT and Rules exempted from Liability; Allahabad High Court Quashes FIR against Flipkart

FAQs

Are there Digital Arrests/ Can you be arrested digitally?

There is no such thing called Digital Arrests i.e., You cannot be arrested digitally.
What is Digital Arrest?

A digital arrest is a fraudulent tactic used by cybercriminals to falsely accuse individuals of breaking the law, often claiming the existence of a digital arrest warrant. These scammers pose as officials from organizations such as customs, income tax department or even central investigative agencies⁹.
How to file cybercrime with the help of Online portal?

File Online via the National Cyber Crime Reporting Portal, operated by The Ministry of Home Affairs.
What is the difference between filling an FIR and Cyber Cell Complaint?

An FIR is registered in case of criminal cognizable offence under BNSS/Cr.P.C however a Cyber Cell complaint is an initial step to inform the competent authority about the crime.
Can anonymously be complaint filed?

Yes, with the help of the concept of Zero FIR under Section 154 of the Cr.P.C., 1973 Approach the Superintendent of Police or Judicial Magistrate, one can file Complaint anonymously. This provision also helps in filing the complaints of offences related to women and children to keep their identity undisclosed or private.
Is cyberstalking a serious punishable offence?

Yes, Cyber stalking and cyber bullying is a serious punishable offence defined under section 78 of Bhartiya Nyaya Sanhita, 2023 and section 354A and 354D of the IPC. Section 67 of IT Act deals with Cyber bullying and Cyber stalking.
Which law punishes culprits of Cyber fraud?

The Information Technology Act, 2000 listed most of the cybercrimes, from hacking to data breach to unlawful hampering of the information available online. Section 65 to 71 of the IT Act deals with regularisation and punishment of cybercrime.
How to take advise in case of Cyber Fraud and from whom?

Taking advise is just in case of Cyber fraud one can consult Cybercrime lawyer who has specialised with cyber laws and knows the dealing in case of Cybercrime.
How can I check the status of my complaint on online portal?

One can easily check the status of the complaint after filing on the cybercrime portal, after receiving an acknowledgement number, visit the national cybercrime reporting portal then click on “check status” or view complaint status.