cyber security Archives - The Cyber Shark

CBI To Question Bank Staff in Rs 8.5 Lakh Mule Account Cyber Fraud Case

In a sweeping investigation, the Central Bureau of Investigation (CBI) has launched a probe into 743 branches of multiple banks for facilitating 8.5 lakh mule accounts used by cybercrime syndicates to launder illicit funds. According to the FIR, many of these accounts were created using forged documents, some even without the knowledge of the supposed account holders. The CBI found bank officials allegedly ignored mandatory RBI compliance norms, including failing to generate Suspicious Transaction Reports (STR) for high-volume accounts and neglecting Customer Due Diligence (CDD) during account openings. These lapses allowed cybercriminals to funnel stolen money through unsuspecting or fabricated identities. Two types of mule accounts were identified: Cyber Mule Accounts – Small accounts used for limited fraudulent activity. Money Mule Accounts – Accounts used for large, rapid transactions to avoid detection. “This isn’t just a lapse; it’s systemic neglect of RBI mandates that enabled a nationwide laundering network,” a senior CBI officer said. The scam, described as a “pan-India conspiracy,” involved middlemen and banking correspondents who opened accounts for illiterate or unaware individuals and enabled UPI-based transactions. The CBI also noted that no ‘thank you’ letters or acknowledgements were sent post-account opening, indicating address verification failures. A total of 37 people have been named in the FIR, with 10 already arrested. Advice The CBI’s findings expose serious gaps in banking oversight, customer verification, and cybercrime safeguards, making it easier for fraudsters to exploit the system on a mass scale. Cybersecurity Tips for Users: Don’t share OTPs, PAN, Aadhaar, or banking info with anyone. Verify any SMS or call claiming to be from your bank. Regularly monitor your account for unauthorised activity. Report fraud immediately at www.cybercrime.gov.in

Airtel Shields 23 Lakh Users in J&K from Cyber Fraud in 47 Days

Jammu, July 1: In just 47 days, Bharti Airtel has successfully protected over 2.3 million users in Jammu and Kashmir from online fraud, thanks to its newly launched AI-powered fraud detection system, rolled out nationwide. The system is automatically enabled for all Airtel mobile and broadband users and works silently in the background. It analyses over one billion URLs every day and blocks malicious websites in under 100 milliseconds, offering users real-time protection against phishing, fake banking alerts, and scam messages across SMS, WhatsApp, Telegram, Facebook, Instagram, and browsers. According to Airtel, it has blocked 2,01,146 malicious links and shielded over 11.7 crore users across India, with 23 lakh users in Jammu & Kashmir alone. The initiative is completely free and sends alerts in local languages such as Urdu and Hindi, making it effective even in regions with low digital literacy. “We are proud to bring our AI-powered fraud detection solution to J&K. This free, real-time protection empowers our users to enjoy the digital world with peace of mind,” said Dibyendu Aich, COO – J&K, Bharti Airtel. With Jammu & Kashmir now one of the most digitally connected regions, cyber fraud attempts have surged in both cities like Jammu and Srinagar, and smaller towns like Baramulla and Samba. Fraudsters often use fake delivery messages, phishing links, and bogus banking alerts to steal user data and money. In a move to strengthen cybersecurity collaboration, Aich also met Sunil Gupta, Inspector General of Police, Crime Branch (J&K), to explore joint efforts in tackling digital fraud. Conclusion & Cyber Safety Tips As digital adoption grows in J&K, tools like Airtel’s AI shield are crucial for safeguarding users from evolving cyber threats. Stay Safe Online: Don’t click on unknown links or fake SMS messages. Enable 2FA (two-factor authentication) for all important apps and banking services. Report suspicious activity at www.cybercrime.gov.in. Use spam filters and keep your device software updated regularly.

ED raids in Gujarat, Maharashtra in cyber fraud probe over ₹100 cr scam

On 25 June 2025, the Enforcement Directorate (ED) carried out raids in Gujarat and Maharashtra as part of a money laundering probe linked to cyber frauds worth over ₹100 crore. The operation targeted individuals allegedly involved in digital arrest scams, crypto frauds, and fake law enforcement threats, with money funnelled abroad using hawala routes. According to ED sources, searches were conducted in Mumbai, Ahmedabad, and Surat under the Prevention of Money Laundering Act (PMLA). The probe was based on an FIR filed by the Gujarat Police against multiple accused, including Makbul Doctor, Kaashif Doctor, Bassam Doctor, Mahesh Desai, and Maaz Abdul Raheem Nada. The fraudsters allegedly: Used fake USDT (cryptocurrency) trading schemes. Orchestrated “digital arrests”, impersonating law agencies. Sent fake notices to threaten and extract money from victims. Collected funds through accounts opened with forged or dummy KYCs. Converted black money into cryptocurrency via Angadiya (hawala) operators. Transferred over ₹100 crore abroad, officials suspect. “This is a deeply rooted cyber laundering network involving identity theft, crypto misuse, and psychological extortion,” said a senior ED official. The investigation is ongoing, with digital evidence, devices, and suspicious bank transactions being examined. Key Highlights: ₹100 crore cyber scam involved fake arrests, crypto fraud, and hawala transfers. The ED conducted raids in several Gujarati and Maharashtra cities. FIR filed against key suspects with a link to forged KYC accounts. Cyber Safety Advice: Never trust calls or emails claiming law enforcement without verification. Avoid crypto investments from unknown or unregulated sources. Secure your identity documents and avoid sharing KYC info online. Call 1930 or report questionable transactions or scams to cybercrime.gov.in.

Cyber Police Hunt Online Blackmailer Targeting Delhi Businessman

The Central Division Cyber Crime Police have registered a case this week in India against an unknown individual for blackmailing a Delhi businessman using morphed images of his daughter on a dating site. Following the victim’s complaint, which was made public on Saturday, officials launched an inquiry under Section 67 of the IT Act. The complaint alleges that the accused called the businessman from three different mobile phones and claimed that his daughter’s naked pictures had been posted online. To give the threat more legitimacy, a dating website link was included. To exert further pressure and demand ransom money, the accused also altered pictures of other family members and threatened to release the images further if his demands were not fulfilled. Under Section 67 of the Information Technology Act of 2000, which addresses the publication of pornographic material online, police have filed a formal complaint. To identify the blackmailer, the Cyber Crime Unit is now examining the Call Detail Records (CDR) of the phone numbers he used. “Such cases highlight the dark misuse of AI tools and social platforms for extortion. We urge victims to report immediately,” said a senior cybercrime official. Advice Cyber police are actively investigating the case to trace the blackmailer. Victims are urged to stay vigilant and report cyber threats promptly. Key Highlights: Morphed photos used for extortion in Delhi. FIR registered under IT Act Section 67. Cyber police are tracking the accused via CDR analysis. Cyber Safety Tips: Set social media accounts to private. Avoid sharing personal images or data online. Educate family members about digital impersonation risks. Report such threats to cybercrime.gov.in. Do not respond to or pay cyber blackmailers.

NCCF Hosts Cybersecurity Training for Cooperatives Ahead of IYC 2025

The National Cooperative Consumers’ Federation of India Ltd. (NCCF) held a cybersecurity training session this week in India as part of preparations for the International Year of Cooperatives (IYC) 2025. Organised under the Ministry of Cooperation, the session aimed to equip cooperative officials with the tools to combat rising cyber threats, ensure cyber hygiene, and enhance digital safety. The training focused on Cyber Security Awareness and Cyber Swachhata (Cyber Cleanliness), teaching cooperative officials how to protect sensitive data, recognise scams, and adopt safer digital practices. According to NCCF sources, the program covered topics such as: Cyber hygiene measures such as software updates and creating secure passwords. Data protection protocols. Phishing and scam awareness. The Ministry of Cooperation, which guided the training, praised the effort as a key milestone in securing cooperative systems and boosting digital literacy. “Cyber awareness is the foundation of secure cooperative growth in the digital age,” said an NCCF spokesperson. The initiative aligns with India’s broader digital goals, ensuring that even grassroots cooperative institutions are protected from cybercrime threats. Experts from cybersecurity teams and cooperative boards jointly facilitated the program. Advice Key Highlights: In front of IYC 2025, NCCF began offering cyber training. Aim: Strengthen cyber safety across India’s cooperatives. The Ministry of Cooperation supports the initiative. Cyber Safety Advice: Use strong, unique passwords for official systems. All cooperative accounts should have two-factor authentication enabled. Never open dubious attachments or URLs. Report any suspicious activity to cybercrime.gov.in.

5 arrested in Delhi operations targeting Chinese cyber scam networks

Delhi Police arrested five people linked to Chinese-operated cyber scam networks involving fake investment and online job frauds. In a major crackdown, Delhi Police arrested five individuals this week involved in separate cyber fraud networks linked to Chinese handlers, operating via Telegram and WhatsApp. The accused reportedly laundered over ₹36 lakh using fake investment platforms, cryptocurrency, and money mules across India and Nepal. In North-West Delhi, Cyber Police arrested Pawan and Mankiraat Dhillon for cheating a victim of ₹21 lakh through a fake share market investment app. The app mimicked legitimate brokerage platforms to display fake returns, while transactions were made into bank accounts tied to cybercriminals. The accused maintained contact via Telegram and allegedly supplied Indian bank accounts to Chinese nationals. The fraudsters were traced and arrested in Mohali, Punjab, with police recovering SIM cards, cheque books, ATM cards, mobile phones, and evidence of travel to Nepal, where some of the scammed funds were received. In a separate operation, the Cyber Police Station of the South-West District busted an interstate fraud syndicate. Three accused—Mahender Singh Rajawat, Ariph Khan, and Laxmi Narayan Vaishy—from Jaipur were arrested after duping a man of ₹15.8 lakh through a fake online review job scam. Initially paid small amounts for tasks, the victim was later lured into paying large sums under pretexts like “welfare tasks” and “credit improvement.” The investigation revealed that the gang used USDT (cryptocurrency) to route money out of India within 20 minutes of receipt, evading traceability. “The fraud network had direct links to a Chinese national operating via Telegram from abroad,” stated the police press release. Security Advice: These arrests highlight how foreign-linked cyber scams exploit Telegram, fake apps, and cryptocurrency to defraud Indian citizens. Protect Yourself from Cyber Fraud: Refrain from downloading unknown apps or opening dubious links. Never invest based on WhatsApp/Telegram promotions Be cautious of too-good-to-be-true online job offers Enable 2FA and monitor financial transactions Report scams at: www.cybercrime.gov.in

Shoplifters are apprehended by this AI technology before they even steal anything

A Paris-based start-up, Veesion, has created an AI surveillance system that can detect suspicious gestures before shoplifting occurs. Launched in 2018, the tech is now used in over 5,000 stores across Europe, the US, and Canada, helping retailers prevent theft before it happens. Without keeping personal information or utilising biometrics, Veesion’s gesture-recognition AI examines body movement to identify questionable behaviour. The solution delivers personnel real-time notifications through a mobile app and connects with current CCTV setups. “The algorithm is indifferent to people’s appearance. As stated by Benoit Koenig, a co-founder of Veesion, “It only cares about how your body parts move over time.” It detects actions like concealing items or irregular handling of products, and immediately alerts the security team with video evidence. Within three months, a shop in the United States reduced losses in the health and beauty department by fifty per cent. The startup recently raised ₹373 crore ($43 million) in Series B funding to expand globally. The tech also helps detect employee theft, which accounts for similar losses as customer shoplifting. “It acts as a deterrent. Staff know AI is watching,” Koenig added. Advice: Veesion’s AI shows how gesture-based surveillance could revolutionise theft prevention in physical stores, without invading privacy. Security Insights for Retailers: Upgrade to AI-enhanced CCTV systems Train staff to respond to real-time alerts Use non-biometric solutions to respect privacy laws Regularly audit security footage for internal theft

Lucknow police bust ₹80 lakh crypto fraud racket, eight arrested

Lucknow Police uncovered a ₹80 lakh crypto fraud and arrested 8 people involved in illegal USDT trading via Telegram. In a breakthrough against digital fraud, Lucknow Police arrested eight individuals on June 21, 2025, for siphoning off nearly ₹80 lakh through fake USDT (Tether) crypto trading. The racket operated from Lucknow and nearby districts, exploiting loopholes in crypto laws and bank verification systems, as revealed by the Cyber Crime Police. The accused were part of a well-organised cyber racket that transferred illicit money via anonymous Telegram channels operated by Chinese handlers, according to a press release by the Cyber Crime Police Station, Lucknow. They used TRC-20 blockchain network wallets, bypassing Indian legal scrutiny by avoiding KYC. Local “mule” accounts were created to receive money via NEFT, RTGS, and IMPS, withdraw the same day and convert into USDT through peer-to-peer crypto brokers. “These criminals exploited P2P wallets that function without verification, making it nearly impossible to trace funds,” said Inspector Brijesh Kumar Yadav, Cyber Crime Police. During raids, police recovered: ₹1.85 lakh in cash 16 mobile phones 2 laptops and a tablet 4 cars Cheque books and bank passbooks The arrested include youth aged 21–40 years from Lucknow, Basti, Rae Bareli, Gonda, and Barabanki. The accused failed to present any valid crypto exchange records or KYC documents, which confirmed the illegitimacy of their operations. Police booked them under BNS Sections 317(2), 318(4), 61(2), and 111(2) (B) and IT Act Sections 66C and 66D, commonly used for cyber and identity-related fraud. Security Advice: This case exposes how cross-border digital scams are being run under the cover of “crypto trading,” exploiting unregulated platforms and mule accounts in India. Stay protected with these tips: Avoid P2P crypto deals without KYC Do not share bank details or receive suspicious deposits Always verify apps and trading platforms Enable two-factor authentication Report fraud at: www.cybercrime.gov.in

16 Billion Logins Stolen In Mega Data Breach Threatening Apple, Google and More

In a massive global data breach, hackers have leaked 16 billion login credentials, exposing users of platforms like Apple, Google, Facebook, GitHub, and even government services, according to Forbes. The breach was uncovered this week by cybersecurity researchers who found the records in 30 unprotected datasets, some containing up to 3.5 billion entries each. Cybersecurity experts first noticed a mysterious open database containing 184 million records, which has now proven to be only a small part of a much larger breach. Researchers have since confirmed 30+ datasets leaked online, containing VPN logins, social media accounts, and developer platform access. The breach is not a recycling of old data but fresh, high-value information collected throughout 2025, making it dangerous and exploitable for phishing attacks, account takeovers, and business email compromise (BEC) schemes. “This is not just a leak — it’s a blueprint for mass exploitation,” warned the research team cited in Forbes. Darren Guccie, CEO of Keeper Security, emphasised that the leak’s scale and nature pose “far-reaching risks” to users across sectors. Google has responded by urging users to move beyond traditional passwords and 2FA, and instead adopt passkeys, which are biometric login systems using fingerprint or facial recognition. “Passkeys are phishing-resistant and safer than passwords,” Google stated. Advice: This mega breach highlights how credential leaks remain one of the top cyber threats globally. The fact that the stolen logins are fresh and tied to major platforms increases the urgency for users to act. Cyber Safety Tips: Switch to Passkeys or biometric login methods wherever possible Update your passwords immediately, especially for sensitive accounts Enable multi-factor authentication (MFA) Avoid clicking on suspicious links or emails asking for logins Report scams or suspicious activity at cybercrime.gov.in

IIT graduate among 15 held in Telangana for circulating child porn

TGCSB arrests repeat offenders in state-wide operation; links to trafficking uncovered. Telangana Police arrested 15 individuals, including an IIT graduate, on 18 Jun 2025 for the possession and circulation of child sexual abuse material (CSEAM). The operation followed 57 cyber tip-offs, resulting in 34 FIRs across multiple districts, with cases registered under the IT Act and POCSO laws. The Telangana Cyber Security Bureau (TGCSB), acting on inputs from the Cyber Tip line and in collaboration with NCMEC, ICMEC, and I4C, carried out a coordinated state-wide crackdown. Offenders were arrested from Hyderabad, Warangal, Karimnagar, Jagtial, Jagadgirigutta, and Yadagirigutta. The arrested individuals, aged between 19 and 50, largely belonged to working or middle-class backgrounds. Shockingly, an IIT graduate from Nizamabad, employed at a reputed company, was among those caught. Investigators revealed that the content was being downloaded, stored, and sometimes shared via encrypted platforms. Many of the accused were repeat offenders, tracked using digital forensic evidence and shared intelligence. Further investigation uncovered human trafficking links, with tribal women from remote Telangana mandals like Kerameri and Tiryani being targeted and sold to brothels. One victim managed to escape from Madhya Pradesh and returned home last month. In a related case, Asifabad police arrested six people, including a police constable, while three more remain absconding. Constable Haridas, one of the accused, had prior involvement in similar crimes. Quote from Official: “This is a warning that online child abuse will not go unpunished. We are using every resource to trace and prosecute offenders,” said a senior TGCSB official. Advice: This case highlights the alarming rise in online child exploitation and trafficking, even involving educated individuals and repeat offenders. TGCSB’s CPU unit, launched in February 2025, has already registered 294 FIRs and made 110 arrests, a sharp increase from prior years. Public Safety Tips: Report suspicious online content or activity involving children on cybercrime.gov.in (Women & Child tab) or dial helpline 1930 Do not download or forward any explicit or suspicious content — it’s illegal Educate children and parents about online safety, digital boundaries, and privacy settings Enable parental controls and monitor app permissions regularly