cyber news Archives - The Cyber Shark

Bengaluru Police Launch Cybercrime Victims’ Day to Raise Awareness

On August 30, officials from the Bengaluru district cybercrime station held a “Victims’ Day” at the station to raise awareness and provide an update on the status of the cases. With more than fifty attendees, the seminar addressed not only cybercrimes but also drug and property offences, women’s and children’s safety, and social media do’s and don’ts. According to C.K. Baba, the superintendent of police for the Bengaluru area, “the idea is to bridge public-police relationships in a better way and help the victims in every possible way because prevention is better than cure.” It is common for victims of cyber fraud to experience psychological effects for a variety of reasons. To help them feel better, the team has received training on how to provide them with appropriate dialogue-based counselling. At the designated station, a support desk has been established, and employees are trained to assist victims in any way they can, Mr. Baba stated. According to officials, the victims’ day program will be regularly held at the station, and efforts are being made to expand it to other stations.

Surat Cybercrime Report 2024: 25,000 Complaints, ₹170 Crore Losses

Cyber Crime Police Inspector D. V. Gamit stated on August 26, 2025, that more than 25,000 cybercrime complaints were filed in Surat city the previous year, resulting in thefts exceeding Rs 170 crore. He spoke at a session called “Stay safe online: Cyber awareness for women and senior citizens,” which was organised by the Women’s Wing of the Southern Gujarat Chamber of Commerce and Industry (SGCCI) in Surat. Assistant Commissioner of Police Sweta Daniels, who spoke at the ceremony, stated that cybercrimes have an impact on the nation’s economic stability. “When engaging in any financial activity online, one must consider one’s options carefully before acting. Before making a choice, he or she should first consult with others, Daniels advised. According to Gamit, there are three cybercrime instances worldwide per second. Every seven minutes, a cybercrime occurs in India. India is ranked tenth in the world, whereas Russia is the epicentre of cybercrime events. He described roughly 20 distinct forms of cyber fraud in his presentation and offered advice on how to prevent becoming a victim of online fraud. According to Gamit, there are primarily three categories of cybercrime cases: financial fraud, cyberterrorism, and fraud involving social media. Due to current trends, investment fraud and task fraud account for the majority of cybercrime instances reported in Surat. A cheaper price is offered by cybercriminals in investment fraud schemes involving gold, shares, and other commodities. In task fraud, individuals are told to like and follow particular videos on particular channels, and they first offer a few hundred dollars to get others to follow them. Later, they assign a task, get someone to complete it, and offer them thousands of dollars. Later, they give them more difficult work to become a premium member, which requires the user to pay a set amount.

Cyber and Maritime Resilience Stressed In Indo-Pacific at CUTS-RMIT Webinar

On 28 August 2025, in New Delhi (KNN), a high-level webinar organised by the CUTS Global Affairs Centre and the Centre for Cyber Security Research and Innovation at RMIT University highlighted the importance of India and Australia taking the lead in protecting the digital and marine infrastructure of the Indo-Pacific. The crucial significance of subsea cables, which transport about 95% of all internet traffic worldwide, was emphasised at the virtual session, “Securing the Indo-Pacific’s Digital Arteries: India–Australia Collaboration for Cyber and Maritime Resilience.” “The Indo-Pacific has become the epicentre of global competition, giving India and Australia both responsibility and opportunity to strengthen cyber and maritime frameworks,” said Ujjwal Kumar, Associate Director at CUTS International, who opened the debate. RMIT moderator Prem Chhetri emphasised that subsea cable systems are a question of national security and sovereignty as much as technology. Experts emphasised that integrating India’s manufacturing prowess with Australia’s infrastructure finance capabilities might greatly improve connectivity across the Indian Ocean. Smaller Indo-Pacific countries would benefit from collaborations in training, maintenance systems, and trusted supplier networks, according to Samuel Bashfield of the Australia-India Institute. Submarine cables are “geopolitical instruments,” according to Capt. Sarabjeet Parmar (Retd.) of the Council for Strategic and Defence Research. He called for stronger policy frameworks to secure high-density routes and closer collaboration through naval exercises like Malabar and AUSINDEX. RMIT professor Matthew Warren emphasised the need for artificial intelligence (AI) and digital techniques in detecting cable system vulnerabilities. Additionally, he cited the Quad’s Cable Connectivity and Resilience Centre in Australia as an example of collaboration. Purus Hendra Singh of CUTS International concluded the meeting by stating that Australia and India are well-positioned to lead the region toward a safe, resilient, and inclusive digital future.

J-K orders immediate ban on pen drives in govt offices to boost cyber security, protect sensitive information

The guideline states that exceptions will only be granted where using pen drives is necessary for operational reasons. The Jammu and Kashmir General Administration Department banned the usage of pen drives on all official devices in government agencies a few months after the India-Pakistan conflict. The August 25, 2025, order seeks to reduce the risks of malware infections, unauthorised access, and data breaches while enhancing cybersecurity and protecting sensitive government data. Exceptions with controls The guideline states that exceptions will only be granted where using pen drives is necessary for operational reasons. Only two to three pen drives may be requested by a department, even in these situations, and they must be sent to the State Informatics Officer via the administrative head. Before being used, approved pen drives will first undergo reconfiguration and authorisation by the National Informatics Centre (NIC). Push for GovDrive adoption GovDrive, a cloud-based, multi-tenant platform that provides every government official with 50 GB of safe storage with centralised access and synchronisation, has been strongly recommended as a secure substitute by departments. In comparison to physical storage devices, the circular emphasises that GovDrive will increase efficiency and guarantee superior data integrity protection. Ban on unsecured platforms Additionally, the circular expressly cautions against exchanging or storing private information on unprotected platforms like WhatsApp. It emphasises how crucial it is to protect digital sovereignty and avoid security lapses by using secure communication methods. Compliance and accountability The government has made it clear that disregarding the new guidelines will be taken seriously and may result in disciplinary action under the laws governing official behaviour and the use of IT. The guidelines have been issued with immediate effect, and all agencies have been directed to prioritise them. Cybersecurity strategy The order is a component of a broader plan to embrace best practices described by CERT-In and the Ministry of Home Affairs, implement ICT architecture, and guarantee adherence to national security guidelines. To protect sensitive data, departments have also been instructed to implement classification policies, conduct vulnerability assessments, and strengthen security configurations.

Cyber Extortion Bid from Thailand: LSE Graduate among 3 Arrested in Delhi

Three men, one of them a London School of Economics (LSE) postgraduate, were arrested by Delhi Police for allegedly operating a cross-border cyber extortion racket. The accused allegedly tried to extort a Delhi businessman by demanding cryptocurrency through a WhatsApp call made from Thailand, threatening to kill his children if he refused. The Cyber Extortion Plot The matter came to the police’s attention when a businessman complained to the DBG Road station. According to him, a WhatsApp call from Thailand threatened him, with the caller claiming to be a gangster and asking for ₹2 crore in crypto via a QR code. The caller warned that if the demand was ignored, his children would be shot dead. Alarmed by the threat, the businessman approached the police, who quickly registered a case of extortion and handed it over to the Cyber Crime Unit. How Delhi Police Tracked the Accused The police cyber investigation team used advanced tools to trace the WhatsApp call and crypto QR code, confirming that the operation was being conducted from Thailand. Meanwhile, surveillance teams kept watch on the suspects’ movements in Delhi. When the trio returned from Thailand, police immediately arrested them. Two mobile phones, one used to generate the crypto QR code and another used to make WhatsApp calls, were recovered during the operation. Who Were the Accused? The three arrested men were identified as: Nitish (31) – A postgraduate from the London School of Economics (LSE), believed to be the digital mastermind. Sumit (42) – A BCom graduate and jewellery trader, who personally knew the victim and chose him as the target. Prince (35) – A school dropout who helped place the threatening calls. All three are residents of Delhi. Debt Led to Cybercrime The suspects acknowledged during interrogation that they had been under severe financial pressure. Believing cyber extortion to be an “easy way out,” they flew to Thailand to avoid detection, purchased international SIM cards, and carried out the plan from abroad. Police Statement Deputy Commissioner of Police (Central District) Nidhin Valsan praised the cyber team’s efforts, saying: “The suspects assumed they could escape by operating from Thailand. But Delhi Police’s cyber cell tracked their digital footprints and arrested them. This case proves that no cybercriminal is beyond the reach of law.” Conclusion This incident highlights the rising trend of cyber extortion cases in India, where criminals are increasingly using cryptocurrency and international SIM cards to hide their tracks. However, the swift action by Delhi Police shows that advanced cyber tools and global cooperation can effectively combat such threats.

Haryana Police Flags 91 Bank Branches for Suspected Cybercrime Involving ‘Mule Accounts’

As part of its campaign against cybercrime, the Chandigarh, Haryana Police have located 91 bank branches in the state where they believe cybercriminals are using “mule accounts” to conduct large-scale transactions. Among these, 26 branches are in Gurugram and 24 in Nuh district, officials said on 19 August 2025. After identifying these branches, police teams have started a phased verification, inspection, and legal action, according to an official statement. To determine whether bank employees’ carelessness or collusion is aiding cybercriminals, special teams from the Cyber Crime Wing are thoroughly reviewing the records of these branches. According to the statement, “the teams are scrutinising lapses in KYC compliance, procedural violations in account opening, the role of bank employees, and any sign of negligence.” Raids were carried out in the districts of Karnal and Yamunanagar on 19 August as part of the drive, during which time suspicious accounts were investigated and bank records were carefully reviewed. Teams from the Cyber Crime Wing located a current account belonging to a company in Yamunanagar that was formally closed in March but that subsequently carried out transactions totalling ₹43 lakh. The statement added that eight complaints have been filed against this account nationwide. In just three months, transactions totalling ₹2 crore were made on another current account that was discovered to have been opened on a fictitious address. 33 complaints have been made against this account nationwide. “Account holders’ and the relevant bank employees’ roles are being scrutinised… This will not be a two-district operation. In the days ahead, other questionable bank branches will also be the target of similar raids, the statement said. On August 19, Shatrujeet Kapur, the head of Haryana Police, announced that a strong, multifaceted plan had been developed to combat cybercrime. According to him, this entails rigorous branch monitoring, prompt investigation of questionable transactions, frequent raids, and ensuring that banking laws are followed. The DGP emphasised how important it is to keep citizens’ hard-earned money out of the hands of cybercriminals. He emphasised that bank officials and cyber nodal officers are held accountable because banks share equal responsibility with the police. Cybercriminals frequently impersonate bank employees, law enforcement officers, government agents, or representatives of reputable businesses to make fraudulent calls, send dubious links, or fool people into downloading dubious apps, according to Inspector General, Cyber Shibas Kabiraj. “Citizens must never share their OTP, ATM PIN, UPI PIN, passwords, or personal documents like Aadhaar and PAN in such situations, nor scan any unknown link or QR code,” he stated. According to Kabiraj, banks and government organisations never call to request sensitive information or money transfers. “People need to be aware of new scams like ‘digital arrests,’ in which con artists use video calls to threaten victims while pretending to be law enforcement officers—something that no real police or agency ever does.”

Google Issues Red Alert: New AI-Based Cyber Attack Targets 1.8 Billion Gmail Users with ‘Indirect Prompt Injections’

According to Men’s Journal, Google, which has 1.8 billion Gmail users globally, recently issued a serious warning about a new type of cybersecurity threat connected to advancements in artificial intelligence. Google alerted everyone to a new type of cyberattack known as “indirect prompt injections.” Google warns of a wave of new threats Governments and corporations are also impacted by this threat, in addition to individuals. Google described the risk in a thorough blog post, saying, “As generative AI is being adopted at a rapid pace, a new wave of threats is emerging across the industry to manipulate the AI systems themselves.” Indirect prompt injections are one of these new attack methods. This attack differs in that hackers conceal malicious instructions inside emails, documents, or calendar invites rather than directly entering harmful commands into the AI prompt. According to the post, these hidden commands have the potential to cause the AI to leak user data or carry out other negative actions. Google warned that this threat poses a threat to everyone. “As more governments, businesses, and individuals adopt generative AI to get more done, this subtle yet potentially powerful attack becomes increasingly pertinent across the industry, demanding immediate attention and robust security measures,” the blog went on. Hackers use Google AI Gemini to steal passwords Scott Polderman, a tech expert, claims that hackers are using Google’s AI assistant, Gemini, to steal user data. Hackers use hidden commands in emails to force Gemini to divulge passwords without the user’s knowledge. As more people use AI for personal tasks, such as relationship and dating advice, this warning is being issued. Scott claimed that because this scam pits “AI against AI,” it differs from previous ones and may lead to more attacks of this nature. He clarified that by deceiving the AI into acting against itself, these hidden commands cause users to divulge their login credentials unintentionally. Scott also noted that the scam operates without a link to click; instead, it occurs when Gemini alerts users to their danger. He reminded everyone that Google has stated that it will never use Gemini to request login information or notify users of fraud.

CBI To Question Bank Staff in Rs 8.5 Lakh Mule Account Cyber Fraud Case

In a sweeping investigation, the Central Bureau of Investigation (CBI) has launched a probe into 743 branches of multiple banks for facilitating 8.5 lakh mule accounts used by cybercrime syndicates to launder illicit funds. According to the FIR, many of these accounts were created using forged documents, some even without the knowledge of the supposed account holders. The CBI found bank officials allegedly ignored mandatory RBI compliance norms, including failing to generate Suspicious Transaction Reports (STR) for high-volume accounts and neglecting Customer Due Diligence (CDD) during account openings. These lapses allowed cybercriminals to funnel stolen money through unsuspecting or fabricated identities. Two types of mule accounts were identified: Cyber Mule Accounts – Small accounts used for limited fraudulent activity. Money Mule Accounts – Accounts used for large, rapid transactions to avoid detection. “This isn’t just a lapse; it’s systemic neglect of RBI mandates that enabled a nationwide laundering network,” a senior CBI officer said. The scam, described as a “pan-India conspiracy,” involved middlemen and banking correspondents who opened accounts for illiterate or unaware individuals, enabling UPI-based transactions. The CBI also noted that no ‘thank you’ letters or acknowledgments were sent after account opening, indicating address verification failures. A total of 37 people have been named in the FIR, with 10 already arrested. Advice The CBI’s findings expose serious gaps in banking oversight, customer verification, and cybercrime safeguards, making it easier for fraudsters to exploit the system on a mass scale. Cybersecurity Tips for Users: Don’t share OTPs, PAN, Aadhaar, or banking info with anyone. Verify any SMS or call claiming to be from your bank. Regularly monitor your account for unauthorised activity. Report fraud immediately at www.cybercrime.gov.in

Airtel Shields 23 Lakh Users in J&K from Cyber Fraud in 47 Days

Jammu, July 1: In just 47 days, Bharti Airtel has successfully protected over 2.3 million users in Jammu and Kashmir from online fraud, thanks to its newly launched AI-powered fraud detection system, rolled out nationwide. The system is automatically enabled for all Airtel mobile and broadband users and works silently in the background. It analyses over one billion URLs every day and blocks malicious websites in under 100 milliseconds, offering users real-time protection against phishing, fake banking alerts, and scam messages across SMS, WhatsApp, Telegram, Facebook, Instagram, and browsers. According to Airtel, it has blocked 2,01,146 malicious links and shielded over 11.7 crore users across India, with 23 lakh users in Jammu & Kashmir alone. The initiative is completely free and sends alerts in local languages such as Urdu and Hindi, making it effective even in regions with low digital literacy. “We are proud to bring our AI-powered fraud detection solution to J&K. This free, real-time protection empowers our users to enjoy the digital world with peace of mind,” said Dibyendu Aich, COO – J&K, Bharti Airtel. With Jammu & Kashmir now one of the most digitally connected regions, cyber fraud attempts have surged in both cities like Jammu and Srinagar, and smaller towns like Baramulla and Samba. Fraudsters often use fake delivery messages, phishing links, and bogus banking alerts to steal user data and money. In a move to strengthen cybersecurity collaboration, Aich also met Sunil Gupta, Inspector General of Police, Crime Branch (J&K), to explore joint efforts in tackling digital fraud. Conclusion & Cyber Safety Tips As digital adoption grows in J&K, tools like Airtel’s AI shield are crucial for safeguarding users from evolving cyber threats. Stay Safe Online: Don’t click on unknown links or fake SMS messages. Enable 2FA (two-factor authentication) for all important apps and banking services. Report suspicious activity at www.cybercrime.gov.in. Use spam filters and keep your device software updated regularly.

ED raids in Gujarat, Maharashtra in cyber fraud probe over ₹100 cr scam

On 25 June 2025, the Enforcement Directorate (ED) carried out raids in Gujarat and Maharashtra as part of a money laundering probe linked to cyber frauds worth over ₹100 crore. The operation targeted individuals allegedly involved in digital arrest scams, crypto frauds, and fake law enforcement threats, with money funnelled abroad using hawala routes. According to ED sources, searches were conducted in Mumbai, Ahmedabad, and Surat under the Prevention of Money Laundering Act (PMLA). The probe was based on an FIR filed by the Gujarat Police against multiple accused, including Makbul Doctor, Kaashif Doctor, Bassam Doctor, Mahesh Desai, and Maaz Abdul Raheem Nada. The fraudsters allegedly: Used fake USDT (cryptocurrency) trading schemes. Orchestrated “digital arrests”, impersonating law agencies. Sent fake notices to threaten and extract money from victims. Collected funds through accounts opened with forged or dummy KYCs. Converted black money into cryptocurrency via Angadiya (hawala) operators. Transferred over ₹100 crore abroad, officials suspect. “This is a deeply rooted cyber laundering network involving identity theft, crypto misuse, and psychological extortion,” said a senior ED official. The investigation is ongoing, with digital evidence, devices, and suspicious bank transactions being examined. Key Highlights: ₹100 crore cyber scam involved fake arrests, crypto fraud, and hawala transfers. The ED conducted raids in several Gujarati and Maharashtra cities. FIR filed against key suspects with a link to forged KYC accounts. Cyber Safety Advice: Never trust calls or emails claiming law enforcement without verification. Avoid crypto investments from unknown or unregulated sources. Secure your identity documents and avoid sharing KYC info online. Call 1930 or report questionable transactions or scams to cybercrime.gov.in.