cyber crime news Archives - The Cyber Shark

Google Issues Red Alert: New AI-Based Cyber Attack Targets 1.8 Billion Gmail Users with ‘Indirect Prompt Injections’

According to Men’s Journal, Google, which has 1.8 billion Gmail users globally, recently issued a serious warning about a new type of cybersecurity threat connected to advancements in artificial intelligence. Google alerted everyone to a new type of cyberattack known as “indirect prompt injections.” Google warns of a wave of new threats Governments and corporations are also impacted by this threat, in addition to individuals. Google described the risk in a thorough blog post, saying, “As generative AI is being adopted at a rapid pace, a new wave of threats is emerging across the industry to manipulate the AI systems themselves.” Indirect prompt injections are one of these new attack methods. This attack differs in that hackers conceal malicious instructions inside emails, documents, or calendar invites rather than directly entering harmful commands into the AI prompt. According to the post, these hidden commands have the potential to cause the AI to leak user data or carry out other negative actions. Google warned that this threat poses a threat to everyone. “As more governments, businesses, and individuals adopt generative AI to get more done, this subtle yet potentially powerful attack becomes increasingly pertinent across the industry, demanding immediate attention and robust security measures,” the blog went on. Hackers use Google AI Gemini to steal passwords Scott Polderman, a tech expert, claims that hackers are using Google’s AI assistant, Gemini, to steal user data. Hackers use hidden commands in emails to force Gemini to divulge passwords without the user’s knowledge. As more people use AI for personal tasks, such as relationship and dating advice, this warning is being issued. Scott claimed that because this scam pits “AI against AI,” it differs from previous ones and may lead to more attacks of this nature. He clarified that by deceiving the AI into acting against itself, these hidden commands cause users to divulge their login credentials unintentionally. Scott also noted that the scam operates without a link to click; instead, it occurs when Gemini alerts users to their danger. He reminded everyone that Google has stated that it will never use Gemini to request login information or notify users of fraud.

Cyber Police Hunt Online Blackmailer Targeting Delhi Businessman

The Central Division Cyber Crime Police have registered a case this week in India against an unknown individual for blackmailing a Delhi businessman using morphed images of his daughter on a dating site. Following the victim’s complaint, which was made public on Saturday, officials launched an inquiry under Section 67 of the IT Act. The complaint alleges that the accused called the businessman from three different mobile phones and claimed that his daughter’s naked pictures had been posted online. To give the threat more legitimacy, a dating website link was included. To exert further pressure and demand ransom money, the accused also altered pictures of other family members and threatened to release the images further if his demands were not fulfilled. Under Section 67 of the Information Technology Act of 2000, which addresses the publication of pornographic material online, police have filed a formal complaint. To identify the blackmailer, the Cyber Crime Unit is now examining the Call Detail Records (CDR) of the phone numbers he used. “Such cases highlight the dark misuse of AI tools and social platforms for extortion. We urge victims to report immediately,” said a senior cybercrime official. Advice Cyber police are actively investigating the case to trace the blackmailer. Victims are urged to stay vigilant and report cyber threats promptly. Key Highlights: Morphed photos used for extortion in Delhi. FIR registered under IT Act Section 67. Cyber police are tracking the accused via CDR analysis. Cyber Safety Tips: Set social media accounts to private. Avoid sharing personal images or data online. Educate family members about digital impersonation risks. Report such threats to cybercrime.gov.in. Do not respond to or pay cyber blackmailers.

5 arrested in Delhi operations targeting Chinese cyber scam networks

Delhi Police arrested five people linked to Chinese-operated cyber scam networks involving fake investment and online job frauds. In a major crackdown, Delhi Police arrested five individuals this week involved in separate cyber fraud networks linked to Chinese handlers, operating via Telegram and WhatsApp. The accused reportedly laundered over ₹36 lakh using fake investment platforms, cryptocurrency, and money mules across India and Nepal. In North-West Delhi, Cyber Police arrested Pawan and Mankiraat Dhillon for cheating a victim of ₹21 lakh through a fake share market investment app. The app mimicked legitimate brokerage platforms to display fake returns, while transactions were made into bank accounts tied to cybercriminals. The accused maintained contact via Telegram and allegedly supplied Indian bank accounts to Chinese nationals. The fraudsters were traced and arrested in Mohali, Punjab, with police recovering SIM cards, cheque books, ATM cards, mobile phones, and evidence of travel to Nepal, where some of the scammed funds were received. In a separate operation, the Cyber Police Station of the South-West District busted an interstate fraud syndicate. Three accused—Mahender Singh Rajawat, Ariph Khan, and Laxmi Narayan Vaishy—from Jaipur were arrested after duping a man of ₹15.8 lakh through a fake online review job scam. Initially paid small amounts for tasks, the victim was later lured into paying large sums under pretexts like “welfare tasks” and “credit improvement.” The investigation revealed that the gang used USDT (cryptocurrency) to route money out of India within 20 minutes of receipt, evading traceability. “The fraud network had direct links to a Chinese national operating via Telegram from abroad,” stated the police press release. Security Advice: These arrests highlight how foreign-linked cyber scams exploit Telegram, fake apps, and cryptocurrency to defraud Indian citizens. Protect Yourself from Cyber Fraud: Refrain from downloading unknown apps or opening dubious links. Never invest based on WhatsApp/Telegram promotions Be cautious of too-good-to-be-true online job offers Enable 2FA and monitor financial transactions Report scams at: www.cybercrime.gov.in

Govt acts on online misinformation on Operation Sindoor infra, banks on cyber threat alert

The government has ramped up efforts to counter misinformation about Operation Sindoor and placed key infrastructure sectors on high cyber alert following recent terror-linked cyberattacks. Social media platforms are being monitored, with false content actively blocked and users urged to rely on official sources. According to a senior government source, social media platforms are “continually monitoring” for false information about Operation Sindoor by the ministries of information technology and information and broadcasting. These platforms have been requested to block any illegal content. Critical infrastructure agencies and organisations, including the Power Ministry, banks, telecom providers, and other financial institutions, are also on “high alert” after being the target of multiple cyberattacks in the wake of last month’s Amalgam terror incident. “We have contained the DDoS attacks that have been launched against certain infrastructure. We are currently on high alert since similar attempts will undoubtedly be attempted,” the person stated. An assault known as a DDoS (Distributed Denial of Service) occurs when a hacker floods a server, network, or website with malicious traffic from several sources, rendering it unusable or sluggish for authorised users. At a conference between representatives of the two ministries on May 7, 2025, in the afternoon, it was acknowledged that false information about India’s strikes on nine locations in Pakistan and Pakistan-occupied Kashmir (Pok) was widely disseminated on social media sites like X. Since people were making a variety of claims online, it was determined that the government would need to keep a careful eye on such content and use its legal tools to stop its spread. From images of unrelated strikes to video game footage, social media platforms turned into a battlefield for internet disinformation campaigns starting in the early hours of May 7. Online reports that Pakistan shot down an Indian Rafael jet were reportedly accompanied by images of a downed aircraft. The fact-check unit of the Press Information Bureau (PIB) has stated that the images were outdated. Other widely circulated accusations about the airstrikes have also been verified by the unit. Users of social media platforms have been cautioned by the authorities to use caution. “Avoid sharing or relying on unconfirmed information. For factual information, see the Government of India’s official sources,” the IT Ministry stated in several posts on X. 16 Pakistani YouTube channels, including well-known ones like Dawn News, Samaa TV, Ary News, and Geo News, were banned by the government following the Pahalgam terror incident for spreading misleading information and content that was sensitive to the community.

Banks bolster cyber defence amid India-Pakistan missile tensions

Cyber Defence: Following India’s missile strikes on terror sites in Pakistan, banks have ramped up cybersecurity and physical security, especially near border areas. Measures include 24/7 cyber war rooms, anti-cyberattack protocols, and stocked ATMS to ensure service continuity. As India launched missile attacks on Pakistan and Pakistan-occupied Kashmir, banks strengthened their cybersecurity defences against potential cyberattacks. Because of the increased risk of a counterattack, banks have also strengthened security at their branches close to the border. Ashok Chandra, MD and CEO of Punjab National Bank, stated, “We have strengthened the cyber security mechanism… we have created a 24-hour war room to diffuse any cyber attack… we are prepared for any eventuality.” He added that the bank has made plans for the safety and security of its employees and has strengthened security at its branches in border areas. A senior executive from a different public sector bank claims that the bank has implemented an anti-cyberattack procedure to fend off any potential cyberattack. According to the official, ATMS in the border regions have been restocked with cash to ensure that users don’t experience any financial difficulties. The Indian military launched missile strikes on nine terror sites in Pakistan and Pakistan-occupied Kashmir early on May 7, 2025, in revenge for the Pahalgam terror attack. These targets included the base of Lashkar-e-Taiba in Muridke and the Jaish-e-Mohammad stronghold in Bahawalpur. The ‘Operation Sindoor‘ military attacks came two weeks after the terrorists killed 26 civilians in Pahalgam, Jammu and Kashmir. Leading stock exchanges BSE and NSE have blocked their websites to users from other countries as a precaution. A representative for the BSE explained the reasoning for the move by stating that “BSE, being a critical market infrastructure institution (MII), proactively and continuously monitors risks at domestic and international levels for potential cyber threats.”

Facebook clean-up: Why Meta removed over 23,000 accounts in Brazil and India

Facebook clean-up: Meta removed over 23,000 Facebook accounts in Brazil and India linked to scams using deepfakes of public figures to promote fake investments and gambling apps. The company is enhancing security features and collaborating with Indian authorities to combat online fraud and protect users. On 07-05-2025, Meta announced that it had deleted over 23,000 Facebook Pages and accounts that were part of extensive scam operations that mostly targeted people in Brazil and India. The March takedown was a component of Meta’s larger initiatives to fight online fraud and increase public awareness of digital fraud. Meta claims that the fraudulent networks used deep fake technology to pose as well-known individuals, such as corporate leaders, cricket players, and producers of financial information. These edited movies purportedly featured public individuals promoting gambling apps and fraudulent investment schemes. Under the pretence of getting investment advice, consumers were taken to messaging platforms after interacting with the content. In several cases, consumers were tricked into downloading harmful gambling apps from a fake website that looked like the Google Play Store. Meta outlines several common scams. Meta described some increasingly common scam types as part of its effort to improve user protection. While payment scams usually take advantage of internet anonymity and urgency, investment scams frequently offer large returns on assets like shares, real estate, or cryptocurrency. Scammers who pose as vendors on websites like Facebook Marketplace and demand cash before vanishing without delivering the promised products are known to engage in advance payment fraud. Other tactics include Over Payment Frauds, in which con artists request a refund after claiming to have overpaid for an item, only to later reverse their initial (often fraudulent) transaction. As a result, Meta has implemented some security features on Facebook, Instagram, and WhatsApp, including scam alerts in Messenger and instructional materials to assist users in identifying fraudulent activities. To improve online safety, the internet giant said it is collaborating closely with Indian government agencies and civil society groups. Initiatives mentioned include cooperation with the Indian Cybercrime Coordination Centre, the Department of Telecommunications, and the Department of Consumer Affairs. Reiterating its dedication to digital security, Meta urged customers to stay alert and make use of the resources available to report and steer clear of frauds.

Cyber fraud awareness is raised by the Telangana Cyber Security Bureau (TGCSB)

The Telangana Cyber Security Bureau (TGCSB) conducted 325 awareness sessions across the state to educate citizens on rising cyber fraud trends. Warnings were issued about fake shopping sites, online task scams, and illegal betting apps, urging victims to report cases via WhatsApp at 8712672222. Hyderabad: The Telangana Cyber Security Bureau (TGCSB) organized a massive State-Wide awareness campaign with 325 sessions held across colleges, medical facilities, private offices, public gathering places, and bus stands to inform citizens about new trends in cybercrime and provide them with preventive measures. A component of Cyber Jagrukta Diwas was this. People were alerted to the existence of fake Instagram sites that use stolen photos to look authentic while showcasing sarees and other apparel. These websites take UPI and e-wallet payments and provide substantial discounts to entice customers. However, either poor quality things are sent, or no products are sent at all. The majority of these pages don’t display any validated company credentials or provide refund choices. Scammers also use offers of easy online chores, like liking videos, to target people. To earn the victim’s trust, they first offer little rewards. Later, they use promises of greater returns to persuade the victims to make larger investments. The scammers vanish after the money is sent, leaving the victims with losses. Fake websites posing as legitimate booking portals for FASTags or license plates were the subject of another alert. These websites gather private and auto data, impose deceptive fees, and never provide the services that are advertised. They also provide fictitious documents in certain cases to give the swindle the appearance of legitimacy. Additionally noted were online betting apps, which are prohibited in Telangana by the Telangana Gaming Act of 2017. These apps encourage money addiction and are frequently run from overseas. Influencers and websites that support or advertise these unlawful betting services are being severely targeted by authorities. Reporting via WhatsApp at 8712672222 is recommended for citizens who are the victims of such scams or who have information.

Fake News Alert: Operation Sindoor – Your Responsibility, Our Nation’s Safety

India has conducted a strong military operation, “Operation Sindoor,” targeting terrorist bases in Pakistan. As soon as this news broke, social media platforms were flooded with real, fake posts, and others purely for attention. In times like these, the biggest support you can give your country is by sharing only verified and responsible information. What You Should NOT Do Don’t Share Fake or Unverified News: Many pages and channels post edited, misleading, or completely fake news for views and likes. Sharing such content without verification can endanger national security. Never Share Army Movements or Sensitive Videos: Posting or forwarding pictures/videos of our Armed Forces’ real-time movements or locations is a serious breach of security. Your post might unintentionally aid the enemy. Don’t Spread Rumours, Memes, or Jokes About Attacks: Making fun or spreading baseless gossip during such tense times is not only insensitive, but it also contributes to disinformation. What You SHOULD Do Follow Only Official Sources: Trust information from official government handles (PIB, Ministry of Defence), verified news channels, and authorised press releases. Think Before You Share: If a post lacks source credibility or seems emotionally manipulative, don’t forward it. Report Fake News: If you come across misleading or provocative content, report it on the platform. While our soldiers are fighting on the front lines, we must become digital soldiers by standing for truth and acting wisely. Make your posts strengthen the nation, not weaken it. Civil Defence Drill to Boost Emergency Readiness: Do not post any objectionable post or make any wrong comments on social media regarding the mock drill. Do not spread any misleading false rumours on social media. A civil defence mock drill will be conducted across the country on May 7 to enhance emergency preparedness after the Pahalgam terror attack. The drill will test air raid warning systems, shelter preparedness and evacuation procedures. Civil defence volunteers, including NCC cadets, home guards and students, will participate in the simulation to remain prepared for hostile situations. The drill aims to strengthen civil defence preparedness and train volunteers in first aid, evacuation and emergency protocols. Verify before you post. Think before you share.

Govt. Mulls Ban on Influencers Spreading Anti-National Content Post-Pahalgam Attack

The government may ban social media influencers and platforms spreading anti-national content after the Pahalgam attack. The IT Committee has demanded action reports from ministries by May 8 amid rising tensions and UN calls for restraint. Following the terror assault in Pahalgam on April 22, 2025, the Parliamentary Standing Committee on Information Technology has voiced grave concerns about the role of specific social media platforms and influencers. The committee pointed out that some of these organisations seem to be working against the nation’s interests and may be encouraging violence with their content. The committee has urged the Ministry of Electronics and Information Technology and the Ministry of Information and Broadcasting to act quickly and decisively in response to these findings. The Information Technology Act of 2000 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules of 2021 specifically seek information about the steps being considered to outlaw such platforms and accounts. Following the terror assault in Pahalgam on April 22, 2025, the Parliamentary Standing Committee on Information Technology has voiced grave concerns about the role of specific social media platforms and influencers. The committee has given the ministries until May 8, 2025, to provide a thorough report detailing the actions they have taken or plan to take to stop the spread of dangerous content. This action demonstrates the government’s will to prevent incitement and actions that could jeopardise national security from taking place on digital platforms. Section 69A of the IT Act, 2000, gives authorities the authority to ban or remove content that endangers public order, security, sovereignty, or goodwill with other countries. According to the 2021 IT Rules, platforms must designate grievance officers, remove illegal content as soon as possible, and apply due care in content management. Five extremists targeted visitors in the Baisaran Valley with the Pahalgam incident, which has greatly increased tensions in the area and drawn global criticism. Additionally, the attack has led to a rise in anti-Kashmiri and Islamophobic attitudes throughout India, with social media being a key platform for the spread of divisive messages. UN chief asks India, Pakistan to step back from the brink Concerned that India-Pakistan tensions were “at their highest in years,” UN Secretary-General António Guterres urged “maximum restraint and stepping back from the brink” on May 5, 2025. “Make no mistake: A military solution is no solution,” Guterres stated in a succinct declaration. Guterres offered both governments his “good offices” in the interest of peace. “The United Nations stands ready to support any initiative that promotes de-escalation, diplomacy, and a renewed commitment to peace,” he stated.

Madras University Cyber Forensics Course Marks 20 Years of Innovation

Madras University’s Cyber Forensics course, launched in 2004, has evolved into a postgraduate program producing over 750 graduates with strong industry placements. Recognized as a Centre of Excellence, it offers cutting-edge cybersecurity and digital forensics training. According to the previous department head and course founder-director R. Thilagaraj, the department developed a postgraduate diploma in cyber forensics and information security for police, courts, and business executives in 2004. Because of the positive reaction, it was changed to a postgraduate degree course the following year. Cybersecurity was still in its infancy. He remembers, “Some of the organizations we visited asked why they needed it.” When the first group graduated in 2007, employers were reluctant to hire them. According to S. Latha, the founder of the course and current director of the Centre for Cyber Forensics and Information Security, the first group of alumni is currently working for multinational banks. Up to 750 students have already received their diplomas. With a government grant of ₹1 crore, the centre was elevated as a Centre of Excellence in 2009, and she adds that it became an independent department with the then-Governor-Chancellor’s approval. The cost of tuition is ₹8,500. The course covers the most recent developments in the fields of digital forensics, information security audit, cyber criminology, and information security. Students have benefited from a course that the University of Madras‘ criminology department introduced 20 years ago. According to the previous department head and course founder-director R. Thilagaraj, the department developed a postgraduate diploma in cyber forensics and information security for police, courts, and business executives in 2004. Because of the positive reaction, it was changed to a postgraduate degree course the following year. Cybersecurity was still in its infancy. He remembers, “Some of the organisations we visited asked why they needed it.” When the first group graduated in 2007, employers were reluctant to hire them. According to Latha, the founder and coordinator of the course and current director of the Centre for Cyber Forensics and Information Security, the first group of graduates is currently working for multinational banks. Up to 750 students have already received their diplomas. With a government grant of ₹1 crore, the centre was elevated as a Centre of Excellence in 2009, and she adds that it became an independent department with the then-Governor-Chancellor’s approval. The cost of tuition is ₹8,500. The course covers the most recent developments in the fields of digital forensics, information security audit, cyber criminology, and information security. “Our alumni are placed in Google, Ernst and Young, Deloitte, HCL, Infosys, and even government agencies.” “The course offers 100% placement in corporate houses, software companies, information security auditing firms, banks, telecom industries, and financial institutions,” Ms. Latha explains. A cyber forensics lab has also been established by the department. Students conduct research in important fields of digital forensics and cybersecurity. As part of the RUSA Arumbu project, a student was recently given seed money to verify the legitimacy of AI-generated images, audio, and video. According to Ms. Latha, “a lot of students have worked in identifying ransomware attacks, phishing links, and fake profiles.” In addition to helping with placement, industry professionals who also teach classes created the syllabus. “The government should consider hiring at least a percentage of police with a master’s degree in cyber forensics and information security in the technical wing, as cybercrimes are on the rise and the majority of cases in the future are likely to be related to cybercrime,” she continues. Students who joined the program after graduating with a BCA, such as Vikram T, Farheen Fathima, and Mohamed Thalal, are now guaranteed a respectable compensation package for their campus placement. Every semester, the students work on a project, and the final dissertation they produce is based on actual business issues. According to guest faculty member C. Vishnupriya, having professionals from the industry on the team aids students in comprehending real-world issues. She adds, “They also value it when students solve problems.”

cyber crime news