India’s escalating cybercrime challenge explained

Over June 12-16, Naresh Gujral, the son of former Prime Minister Inder Kumar Gujral and a former Rajya Sabha MP was defrauded of ₹7.8 crore in a cybercrime operation. Fraudsters impersonated him on a messaging platform, manipulated an employee’s phone records, and directed four RTGS transfers that appeared to be routine business transactions. Police froze ₹4 crore, but the case exposed how easily criminals can exploit trust and routine processes to siphon funds. By replacing Gujral’s number in the employee’s contact list with their own while retaining his profile picture, they made fraudulent instructions appear genuine. This blend of social engineering and technical compromise reflects the evolving face of cybercrime.

This incident sits against a broader backdrop. The State Bank of India has reported that while overall crime in India is declining due to public investment and surveillance, cybercrime is rising sharply, with cases expected to cross one lakh.

As digital transactions grow, India is confronting a silent but fast moving wave of cyber threats ranging from digital arrest scams and fraudulent websites to mule account fraud and other ingenious methods designed to bypass detection. In 2025, India’s digital fraud rate climbed to 7.1 per cent, nearly double the global average, underscoring the mounting risks as digital payments expand. Fraudsters are no longer focused only on new accounts; they increasingly target existing ones by exploiting compromised credentials. Vulnerable sectors such as logistics, telecommunications, and insurance face particularly high exposure. This surge has prompted regulators to push for stronger digital security frameworks.

Digital arrest scams have emerged as one of the most alarming trends. Fraudsters impersonate law enforcement or government officials, coercing victims through video calls and threats of prosecution. Till November 2025, over ₹3,000 crore had been extorted through such scams. Courts have responded firmly: the Delhi High Court denied bail to men accused of coercing a senior citizen into transferring ₹22.92 crore, describing them as “important cogs of the conspiratorial wheel.” The Supreme Court has taken suo motu cognisance, labelling fraudsters “parasites” and directing inter-departmental consultations to plug systemic gaps. These judicial interventions underline the recognition of cybercrime as a layered conspiracy that erodes public trust.

Fraudulent websites have also proliferated. Cricket ticket booking portals, indistinguishable from genuine sites, have duped thousands. Equally insidious is mule account fraud. Networks of disposable accounts facilitate laundering of stolen funds through thousands of low-value transactions, each calibrated to evade detection thresholds. Graph-based intelligence is now being deployed to trace these syndicates. Yet, the scale remains daunting.

The government has acknowledged the gravity of the situation. Minister of State for Home Affairs Bandi Sanjay Kumar informed the Lok Sabha that the Enforcement Directorate had taken up 257 cybercrime cases under PMLA, identifying proceeds of crime worth ₹35,925.58 crore. This staggering figure underscores the economic scale of cybercrime, which now rivals conventional organised crime in its impact. Yet, the absence of state-wise data points to gaps in monitoring and accountability.

The problem is compounded by insider involvement. In Gujarat’s Rajkot district, a large scale cyber fraud case has widened significantly. Police now estimate the total value of suspicious transactions at over ₹2,500 crore, up from an earlier figure of ₹1,500 crore. As part of “Operation Mule Hunt,” the Rajkot Rural Police have arrested 20 people, including three officials from private sector banks namely Yes Bank, Axis Bank, and HDFC Bank. Investigators allege that these employees facilitated the creation and operation of fraudulent or suspicious accounts that were central to the cyber fraud network. Their participation highlights how insider collusion can magnify risks, allowing organised syndicates to move stolen money undetected and at scale.

Banks in India have often chosen to run campaigns that shame victims rather than invest in real time fraud prevention.  deflecting accountability by implying the blame lies with the customer, one such campaign carried the slogan “Kya aap murkh hain?” (“Are you stupid?”), effectively shifting responsibility onto individuals instead of educating them.

The judiciary has however adopted a tougher, uncompromising stance on cybercrime. On June 18, the Supreme Court refused to hear a plea from an alleged cybercriminal, describing such fraudsters as “parasites” who prey on investors. This refusal to grant relief continues the court’s pattern of strong interventions against online fraud. Earlier in April, the Delhi High Court denied bail to four men accused of orchestrating a digital arrest scam that coerced a senior citizen into transferring ₹22.92 crore. The court dismissed arguments that the accused were peripheral actors, calling them “important cogs of the conspiratorial wheel.”

In November 2025, justices Surya Kant and Joymalya Bagchi barred all courts from granting bail to men accused of defrauding a 72 year old advocate of ₹3.29 crore through another digital arrest scam, stating that the situation warranted “unusual orders.” The Supreme Court has also initiated suo motu proceedings to address the growing menace. In October 2025, a complaint from a 73 year old woman in Ambala revealed that scammers used forged Supreme Court orders to place her under a digital arrest and extort over ₹1 crore. The bench then ordered inter ministerial consultations to tackle systemic gaps. Acting on these directions, the Ministry of Home Affairs constituted a high level inter departmental committee chaired by the special secretary for internal security.

The Central Bureau of Investigation informed the court that these scams are often run by organised, transnational syndicates, and it is now using INTERPOL channels to dismantle international modules.

While AI strengthens security, it is also set to intensify the challenge as it is used by criminals to design smarter scams, bypass safeguards, and scale attacks. This reality demands policy frameworks that evolve as quickly as the threats.

On June 15, the Enforcement Directorate (ED) launched a money laundering probe into a ₹500 crore cryptocurrency scam that defrauded more than 2.48 lakh investors. Investigators found transactions exceeding $219 million routed through the platform. The scheme revolved around Korvio Coin (KRO), marketed with promises of assured high returns. Fraudsters organised misleading seminars, manipulated token values, and introduced new tokens to sustain a Ponzi structure, using funds from new investors to pay earlier ones. To conceal the trail, they layered proceeds through multiple bank accounts, fictitious firms, and intermediaries, converting portions into cryptocurrency. The ED estimates investor losses at around ₹500 crore, making this one of the largest crypto-linked frauds in India.

India’s digital growth, while transformative, has also given cybercriminals a larger playground. Cybercrime has moved beyond banking or policing, becoming a national security, economic, and public trust challenge. The judiciary’s proactive stance, the government’s inter-departmental initiatives, and investigative agencies’ reliance on international cooperation through INTERPOL mark important steps. Yet, major gaps remain in reporting, investigation, and enforcement.