File Copyright Online - File mutual Divorce in Delhi - Online Legal Advice - Lawyers in India

Cyber Storm Brewing In Digital Banking

The purpose of this paper is to analyze whether the emergence of digital banking is a boon or a bane or it is both. The transformation of the digital sector has brought significant convenience in making financial transactions, however, it has exposed financial institutions and the public to a multitude of cyber threats. This paper probes into the multifaceted impact of cyber-crimes on digital banking.

The paper shall delve into the drawbacks and lack of implementation of cyber laws and the current state of digital frauds which includes account takeover, identity theft, fraudulent payment, phishing, etc.

Introduction
The world's first computer was developed in the year 1940. However, it was scarcely accessible to people during that period making it an unpopular instance. With the rapid advancements in technology and digitalization, there is a noticeable increase in the number of victims of cybercrimes. India launched its digital program back in 2015[1], to develop robust digital infrastructure leading to easy accessibility of public services.

  1. Robust digital infrastructure
  2. Accessible government services
  3. Empowered citizens
With the advancement of society via digitalization, there has been a surge in certain illegal activities and the most prevalent one is cybercrimes, these are the most evolving felonious undertakings as with the current state of any developing techno-country these crimes tend to harm the individuals, companies, banks, society, and nation as a whole, cybercrimes include, identity theft, financial fraud, online harassment, intellectual property thefts etc.

The coherent integration of nations all over the world and the extensive use of digital services made available to us have opened a wide market for cyber-criminals to exploit the systems, disrupt operations, and earn profit from such illicit activities. Cybercrime is not narrowed by geographical margins; attackers can operate from virtually anywhere, making it a worldwide concern that requires synchronized international efforts.

The aftermath of these illegal cyber activities is extreme as it affects an individual and society as a whole by causing them financial distress, damage to one's reputation, physical duress, privacy infringement, and in certain cases physical harm. Such situations pose significant challenges to law enforcement officers, agencies, government, organizations, and individuals, who must for a better and safer future continuously evolve strategies to address budding threats and implement strong cybersecurity measures to alleviate risks.

The swelling use of conveniences provided by digitalization has brought unparalleled benefits, offering customers easy transactions, online transfers, managed accounts, and other aspects of finance. It has enabled users to pay bills, transfer funds, loans, and so on in just a few taps.

The merger of technology and banking has proved to be a significant contribution made by humans for the humans, this has made a tedious process easy and accessible on a larger scale. Online banking refers to transactions made via digital media and which has evaporated the use of traditional banking methods which used to take up long standing hours and delayed transactions.

The underlying consequences of the transition from physical to digital are far more concerning, because the users sometimes themselves jeopardize themselves by putting up their private information, this creates a fertile ground for cyber criminals who are constantly and more effectively enhancing their tactics to defraud people causing them great damage.

Due to this pervasiveness and adverse effects on individuals, businesses, and society as a whole, it becomes crucial to study cybercrimes.

The following points are outlined to understand the impact of cyber crimes:

  1. Economic Impact: the current state of digital safety in many aspects is lagging, and this can be corroborated by the increasing number of fraud incidents. Not only individuals, but also many businesses and governments as well have suffered the consequences.
     
  2. National Security: the growing cyber age has not only impacted the safety and security of individuals but also the nation as a whole. Cyber espionage can vandalize the security of an entire nation and can cause extensive damage.
     
  3. Social Impact: the use of fake identities is the reason for the erosion of public trust on digital platforms. The impact is not restricted to trust, but it has also influenced people in such a manner that they have tendencies of self-harm.
     
  4. Awareness and Legal Implications: the need to awaken people about the potential cyber risks they may face is direly required. The law enforcement should be made stringent. Cybercriminals must be investigated and prosecuted using specialist expertise and resources.

In conclusion, though digitalization is of great convenience, it can also bring a rather greater inconvenience, although a great contribution to developing India, it has exposed customers to the claws of cyber attackers, who very effortlessly misuse the information of the customers. Studying cybercrimes is important for effectively addressing the issues.

Objective of the study
The objective of the paper is to analyze different types of cyber threats that are imposed on digital banking.

Types of Cybercrimes in Digital Banking

Cybercrimes related to banking include a variety of harmful activities, such as phishing, DDoS, vishing, identity theft, etc. With the growing world, digitalization remains the most prominent contribution, as nowadays a world without digital media or sources is almost unimaginable, however, as rapid development is taking place it has exposed users to the vulnerabilities of the cyber world. Phishing is most common among the cybercrimes in digital banking.

"Cybercrime poses a significant threat to the financial services sector as it tries to cause widespread disruption and serious economic damage," said Steve Winterfeld, Advisory CISO at Akamai.[2]
  1. Phishing Attack Phishing is the most commonly used cyber tactic by attackers. In this method, attackers lure customers and entrap them into providing private information such as passwords, OTP, credentials, bank details, etc. A scammer sends a message that appears to be from a reliable source, including emails, phone calls, or websites, to deceive people into sharing sensitive information. In the year 2023, phishing scams targeted the United States (55.9%), the United Kingdom (5.6%), and India (3.9%). India experienced over 79 million phishing attacks, making it the third most targeted country. Phishing continues to be the most common email attack method, accounting for 39.6% of all email threats.
     
  2. Identity Theft Identity theft, as the term itself suggests, occurs when scammers use personal information to pose as someone else. They use information such as Social Security Numbers (SSN), Dates of Birth (DoB), or even scrap mail. Once they get hold of such information, they can open fake bank accounts, apply for loans, or engage in other illicit financial activities. In the year 2022, India ranked first worldwide by the number of identity theft cases, with an estimated 27.2 million cases, followed by the USA with approximately 13.5 million cases and Japan with 3 million cases annually.
     
  3. Ransomware Ransomware is malicious malware that blocks a user's access to the system, either by locking the screen or user files, until a ransom is paid. A recent study by CERT revealed that in 2023, ransomware attacks surged by 51%. In the same year, ransomware attacks caused significant upheaval in Indian businesses, resulting in major financial losses. The average ransom demand was approximately ₹40 crores ($4.8 million) per incident, with recovery expenses estimated at ₹11 crore ($1.35 million).
     
  4. DDoS Attack Distributed Denial of Service (DDoS) attacks drastically reduce the loading speed of websites, particularly those belonging to banking institutions. DDoS attacks occur when several systems overwhelm the bandwidth or resources of a targeted system. DORKBOT is a major botnet used for cybercrime, enabling theft of sensitive data, initiation of DoS attacks, disabling of security measures, and distribution of malware. In 2023, during the G20 summit, over 600 government and private entities in India were targeted by more than 30 hacktivist groups through DDoS attacks.
     
  5. Vishing Attack A vishing attack, or voice phishing attack, deceives people over phone calls where scammers trick them into revealing sensitive information. Data shared by Delhi Police revealed that until June this year, 25,924 UPI-related complaints, 5,312 internet banking complaints, and 5,486 fraud calls or vishing complaints were filed on the National Cyber Crime Portal (NCRP).


Consequences of cybercrimes on digital banking:

  • Impact on Consumer Trust Trust is a critical element for the sustainability of digital banking services. Due to the surge in criminal activities in digital banking, consumers have become reluctant to entrust banks with their private and sensitive information, and this has drastically changed the dynamics of the relationship between a bank and a consumer. High-profile banking scams can erode the confidence a user puts in respective banks, and with the digitalization of almost every amenity nowadays, it's quite precarious to trust just anything.
     
  • Financial Implications With the increasing number of online frauds, the determination of the aftermath is unimaginable, as it has implications beyond customer dissatisfaction. Persistent disruptions can severely impact the cash flow, hampering the ability to meet financial responsibilities and potentially impacting its liquidity. Since banks are the backbone of every economy, and for developing nations like India, it is quintessential to have a strong cyber-secure network.

    With digital payments being made every second, privacy has been exposed to the clutches of attackers. This has impacted not only the financial sector but other sectors as well, as every sector is somehow interlinked. Since banks are the backbone, if there is a disruption in their functioning, it can have some severe repercussions, such as delays in payroll processing, issues in supply chain payments, and overall economic instability.
     
  • Damage to Sensitive Data Cyberattacks induce a prominent threat to confidential personal and financial data, including account details, SSNs, and payment details. When such an infringement occurs, it endangers the individuals with a scale of privacy violations, which may include severe repercussions. The consequences of this are beyond the immediate loss of data.
     
  • Operational Risks Based on the Basel Committee's report on banking supervision "Consultative Document on Operational Risk," operational risk is defined as "the risk of direct or indirect loss as a consequence of inadequate or failed internal processes, people, and systems, or from external events." Cyberattacks such as ransomware pose difficulties to the banking operations by causing a halt in the regular transactions and other services. Bank services like payment processing, online banking, and customer support may become unavailable, leading to dissatisfaction among customers.


Instances of cyber-attacks:

  1. Cyberabad cybercrime police nab two for cheating techie to tune of Rs. 2.29 cr: 2 scammers hailing from Aurangabad, Maharashtra, duped a software engineer into transferring Rs. 2.29 cr. The duo had promised high returns through stock investments. However, the victim was only shown virtual profiles and could not withdraw the funds. The police took action and are now working to catch their absconding associates.
     
  2. 35-year-old woman falls prey to cyber fraud, loses Rs. 1 lakh in Hyderabad: In yet another case, a 35-year-old woman residing in Hyderabad fell prey to a cyber fraud, losing around Rs. 1 lakh. The attackers contacted her via WhatsApp, posing as bank executives and claiming that she needed to update her bank details. They warned her that failing to comply would risk losing her access to transactions. When she denied their request, they threatened her with a penalty of Rs. 5000. The scammers gained access to her email and personal information, leading to Rs. 1,08,990 being deducted from her account.
     
  3. Ex-serviceman duped of Rs. 45 lakh by cyber criminals: On July 21, 2024, an ex-serviceman received a call regarding a personal loan and installation of a mobile tower. The victim sent copies of his Aadhar card, PAN card, and bank passbook via WhatsApp. Believing he would receive a loan, he transferred a total amount of Rs. 18 lakh across five different bank accounts. Later, the fraudsters turned off their mobile phone.
     
  4. Woman loses Rs. 4 lakh in cyber fraud involving fake police call in Karnataka: Fraudsters duped a 23-year-old woman of Rs. 4 lakh by posing as police officers from Mumbai investigating a supposed international parcel scam. The incident occurred on November 4, 2024, when the woman received a call from an unknown number. The call was about a FedEx parcel containing a laptop, five credit cards, and 420 grams of MDMA being sent from Mumbai to Iran.
The officer instructed the woman to install the Skype app to record her statement, following which she got connected to an account named "MH0066OFFICIAL CYBER DEPARTMENT", further in their claim they mentioned that an ICICI employee released her bank details. She was then asked to apply for a loan of Rs. 3.8 lakhs through the ICICI bank mobile app. After the crediting of the loan amount, she was directed to transfer Rs. 2 lakhs to 2 different bank accounts with the claim that the amount would be refunded in 15 minutes.[22]

Methodology
This research is based on a qualitative method, it comprises insights from various articles, publications, news articles, and statistical data and numbers that depict the increasing instances of cyber-attacks. The sources are mostly government documents, published academic papers, journals, print media, and findings of RBI and NCRB.

Findings
Prevalence of Cyber-crimes
The findings of this paper indicate that identity theft remains the most commonly reported cybercrime attack. Furthermore, it can be said that the provision of e-banking has brought a certain level of convenience for the people but it can be said that most people who still are not tech-savvy remain unaware of the potential use of the service.

The easiest prey for the attackers is the underprivileged group of people, who are still unaware of the remedies that can be taken in case of any such infringement. Consequently, the surge in these activities has severely affected consumer trust and has caused great havoc in the Indian digital banking systems.

Financial Impact on Banks
These cybercrimes have not only affected individuals but their consequences extend beyond that, as it has caused the banks to incur severe losses in the form of data breaches, operational disruptions, implementing security measures, coupled with regulatory fines, all such factors pose a continuous financial strain on banks.

Legal provisions
  1. IT Act 2000, which was amended in the year 2008, the amendment introduced the provision for electronic signatures, thereby creating new offenses.
    • Section 43 of the act states that anyone who, without the permission of the person in charge of the computer system, installs such a virus or accesses the data stored in the system or causes denial of access will be liable to pay a penalty up to Rs. 1 crore.
    • Section 66F of the act provides for deliberate attacks to disrupt the services or availability of networks, which would attract a punishment of 7 years and a fine.
    • Section 66D of the act states the provision for phishing, imposing a penalty of up to 3 years and a fine.
    • Section 66C of the act states the provision for penalties for identity theft, which involves punishment for up to 3 years and a fine.
       
  2. BNS Section 303 states: "Whoever, intending to take dishonestly any movable property out of the possession of any person without that person's consent, moves that property to such taking, is said to commit theft." In the case of Jagjeet Singh v. State of Punjab & Anr, the SC established that hacking and data theft would attract liability under IPC and not just the IT Act.

Conclusion
Cybercrime presents a substantial threat to the veracity and reliability of online banking. As the financial sector continues to culminate and innovate, it becomes vital for banks to make their cybersecurity top-notch and strong enough to protect their customer's data.

References
  1. Dr. Vijayalakshmi P, Dr.V. Priyadarshini, Dr. Umamaheswari K: Impacts of cybercrime on Internet banking [26]
  2. Suman Acharya, Sujata Joshi: Impact of cyber-attacks on banking institutions in India: a study of safety mechanisms and preventive measures
  3. Adela BUÇPAPAJ: Digitalization and Crime
  4. DSCI Authors: Prasad Deore, Neha Mishra, Contributor Amit Kr. Ghosh, SEQRITE Authors: Jaswinder Singh, Shayak Tarafdar, Priyabrata Dash : Communications India Cyber Threat report 2023: by Data Security Council of India (DSCI) and SEQRITE
  5. Manuj Aggarwal Ministry of Electronics & IT Delhi, India Ransomware Attack: An Evolving Targeted Threat
  6. Sameer Patil, & Sagnik Chakraborty, A Cyber Security Agenda for India's Digital Payment System
  7. Cyber Digest [27]
  8. Shri G Padmanabhan, Executive Director at the Sri Chithira Thirunal: Emerging Issues in Cyber Security in the Financial Sector
End Notes
  1. https://www.investindia.gov.in/team-india-blogs/digital-india-revolutionising-tech-landscape
  2. https://www.akamai.com/lp/soti/financial-services-trends-2024
  3. https://timesofindia.indiatimes.com/business/india-business/india-ranks-third-globally-for-phishing-attacks
  4. Hornet security's Cyber Security Report 2024
  5. https://www.statista.com/statistics/1389318/identity-theft-victims-in-selected-countries/#statisticContainer
  6. https://www.livemint.com/mint-lounge/business-of-life/ransomware-surge-india-digital-security-11730013128459.html
  7. https://www.statista.com/statistics/494947/ransomware-attacks-peryear-worldwide/ [Accessed May 05, 2023]
  8. https://www.meity.gov.in/writereaddata/files/Ransomware_Attack_An_Evolving_Targeted_Threat.pdf
  9. https://www.dsci.in/files/content/knowledge-centre/2023/India-Cyber-Threat-Report-2023_0.pdf
  10. https://economictimes.indiatimes.com/news/india/online-payment-frauds-surging-in-the-capital-how-scamsters-are-fooling-delhis-netizens/articleshow/114030764.cms
  11. https://rbi.org.in/scripts/PublicationReportDetails.aspx?ID=624#L2
  12. https://www.bis.org/publ/bcbsca07.pdf
  13. https://cybercrime.gov.in/Webform/dailyDigest.aspx
  14. https://telanganatoday.com/cyberabad-cybercrime-police-nab-two-for-cheating-techie-to-tune-of-rs-2-29-cr
  15. https://hyderabad-35-year-old-woman-falls-prey-to-cyber-fraud-loses-rs-1-lakh
  16. https://www.tribuneindia.com/news/ludhiana/ex-serviceman-duped-of-45-lakh-by-cyber-criminals
  17. https://www.newindianexpress.com/states/karnataka/2024/Nov/11/woman-loses-rs-4-lakh-in-cyber-fraud-involving-fake-police-call-in-karnataka
  18. https://rbi.org.in/scripts/PublicationReportDetails.aspx?ID=624#L7
  19. Special Leave Petition (Criminal) No. 3583 of 2021
  20. https://www.livelaw.in/top-stories/supreme-court-hacking-and-data-theft-case-information-technologyitact-indian-penal-codeipc-174560
  21. https://www.researchgate.net/publication/351891885_IMPACTS_OF_CYBER_CRIME_ON_INTERNET_BANKING


Award Winning Article Is Written By: Ms.Lavanya Chittora
Certificate Of Excellence - Legal Service India
Authentication No: NV433204565391-1-1124

Law Article in India

You May Like

Lawyers in India - Search By City

Copyright Filing
Online Copyright Registration


LawArticles

How To File For Mutual Divorce In Delhi

Titile

How To File For Mutual Divorce In Delhi Mutual Consent Divorce is the Simplest Way to Obtain a D...

Increased Age For Girls Marriage

Titile

It is hoped that the Prohibition of Child Marriage (Amendment) Bill, 2021, which intends to inc...

Facade of Social Media

Titile

One may very easily get absorbed in the lives of others as one scrolls through a Facebook news ...

Section 482 CrPc - Quashing Of FIR: Guid...

Titile

The Inherent power under Section 482 in The Code Of Criminal Procedure, 1973 (37th Chapter of t...

The Uniform Civil Code (UCC) in India: A...

Titile

The Uniform Civil Code (UCC) is a concept that proposes the unification of personal laws across...

Role Of Artificial Intelligence In Legal...

Titile

Artificial intelligence (AI) is revolutionizing various sectors of the economy, and the legal i...

Lawyers Registration
Lawyers Membership - Get Clients Online


File caveat In Supreme Court Instantly