cyber security

Italy Fines OpenAI €15 Million for ChatGPT GDPR Data Privacy Violations

Italy’s data protection authority has fined ChatGPT maker OpenAI a fine of €15 million ($15.66 million) over how the generative artificial intelligence application handles personal data. The fine comes nearly a year after the Garante found that ChatGPT processed users’ information to train its service in violation of the European Union’s General Data Protection Regulation (GDPR). The authority said OpenAI did not notify it of a security breach that took place in March 2023, and that it processed the personal information of users to train ChatGPT without having an adequate legal basis to do so. It also accused the company of going against the principle of transparency and related information obligations toward users. “Furthermore, OpenAI has not provided for mechanisms for age verification, which could lead to the risk of exposing children under 13 to inappropriate responses with respect to their degree of development and self-awareness,” the Garante said. Besides levying a €15 million fine, the company has been ordered to carry out a six-month-long communication campaign on radio, television, newspapers, and the internet to promote public understanding of how ChatGPT works. This specifically includes the nature of data collected, both user and non-user information, for the purpose of training its models, and the rights that users can exercise to object, rectify, or delete that data. “Through this communication campaign, users and non-users of ChatGPT will have to be made aware of how to oppose generative artificial intelligence being trained with their personal data and thus be effectively enabled to exercise their rights under the General Data Protection Regulation (GDPR),” the Garante added. Italy was the first country to impose a temporary ban on ChatGPT in late March 2023, citing data protection concerns. Nearly a month later, access to ChatGPT was reinstated after the company addressed the issues raised by the Garante. In a statement shared with the Associated Press, OpenAI called the decision disproportionate and that it intends to appeal, stating the fine is nearly 20 times the revenue it made in Italy during the time period. It further said it’s committed to offering beneficial artificial intelligence that abides by users’ privacy rights. The ruling also follows an opinion from the European Data Protection Board (EDPB) that an AI model that unlawfully processes personal data but is subsequently anonymized prior to deployment does not constitute a violation of GDPR. “If it can be demonstrated that the subsequent operation of the AI model does not entail the processing of personal data, the EDPB considers that the GDPR would not apply,” the Board said. “Hence, the unlawfulness of the initial processing should not impact the subsequent operation of the model.” “Further, the EDPB considers that, when controllers subsequently process personal data collected during the deployment phase, after the model has been anonymised, the GDPR would apply in relation to these processing operations.” Earlier this month, the Board also published guidelines on handling data transfers outside non-European countries in a manner that complies with GDPR. The guidelines are subject to public consultation until January 27, 2025. “Judgements or decisions from third countries authorities cannot automatically be recognised or enforced in Europe,” it said. “If an organisation replies to a request for personal data from a third country authority, this data flow constitutes a transfer and the GDPR applies.”

Department of Telecommunications Orders Telecom Operators to Play Cybercrime Awareness Caller Tune Daily

The telecom department has ordered operators to play cyber-crime awareness caller tune 8-10 times per day to telephone subscribers for three months. According to the order copy sent to the telecom operators, the caller tunes will be provided by the Indian Cybercrime Coordination Centre (I4C) — a cyber-crime wing under the Home Ministry. “To make the public aware of cybercrime through the caller tune campaign, it has been decided to play caller tune audios through pre-call announcement/ring back tone arrangement, which will be provided to TSPs by nodal officers of I4C. Caller tunes to a subscriber may be played about 8-10 times a day,” the order dated December 18 said. The order asked telecom service providers (TSPs) to take action on the order immediately. “Different caller tunes related to cybercrime will be provided every week for three months,” the order said. There has been a rise in the incidence of financial fraud through new scams like digital arrest, where cybercriminals pose as police, judges etc. to extort money from victims. The Centre and Telecom Service Providers (TSPs) have devised a system to identify and block incoming international spoofed calls displaying Indian mobile numbers that appear to be originating within India. According to the centre, such international spoofed calls have been made by cyber-criminals in recent cases of fake digital arrests, FedEx scams, impersonation of government and police officials, etc. Till November 15, more than 6.69 lakh SIM cards and 1,32,000 IMEIs, as reported by Police authorities, have been blocked by the Centre.

How to Protect Yourself from Unified Payments Interface (UPI) Frauds

In India, UPI (Unified Payments Interface) has become the go-to method for digital transactions, but with this rise in usage, UPI frauds are also increasing. Over 95,000 UPI fraud cases were reported in the 2022-23 financial year. Understanding how these scams work is your first step toward staying safe. Here’s everything you need to know about UPI frauds and how to protect yourself from falling victim to them. UPI (Unified Payments Interface) was launched on April 11, 2016, by the National Payments Corporation of India (NPCI). It was introduced to make digital payments easier and faster in India. Key figures in its creation included Dr. Raghuram Rajan, the RBI Governor at the time, and Nandan Nilekani, former chairman of UIDAI. Multiple UPI payment app’s Google Pay is a widely used app that offers seamless UPI payments and integration with multiple banks: – Phone Pay – One of the leading UPI apps with features like bill payments, recharges, and money transfers. Paytm – Known for various services beyond UPI, such as mobile recharges, shopping, and financial products. Amazon Pay – Amazon’s payment platform also supports UPI for easy transactions. BHIM (Bharat Interface for Money) – An app developed by the Indian government to promote UPI adoption, specifically aimed at simplifying digital payments. Know About UPI Fraud? UPI fraud happens when someone tries to trick you into revealing your UPI PIN or personal information, so they can steal money from your bank account. Fraudsters use a variety of tricks to gain access to your UPI details and carry out unauthorized transactions. Multiple Types of UPI Frauds Vishing (Voice Phishing) Vishing (Voice Phishing) is when scammers trick people over the phone to steal personal information, like bank details or passwords. The scammer might pretend to be someone trustworthy, like a bank employee or a government official, and try to get you to share sensitive information. For example, they might call you saying there’s an issue with your bank account and ask for your account number, or claim they need to fix a problem with your computer and ask for remote access. Always be cautious about unsolicited calls and never give out personal details over the phone unless you’re sure of the caller’s identity. Fake UPI Payments or Transfers Fake UPI payments refer to scams that fraudsters use to trick people into believing that they have received money or manipulate them into transferring money. Scammers use fake payment links, screenshots, and misleading payment requests to steal money. The fake UPI payment is a concern for UPI users. Fake UPI QR Codes Fraudsters create fake QR codes that lead to phishing sites or malicious apps. When you scan these codes, they steal your UPI details. Impersonation Scammers pose as bank staff or customer service agents to trick you into sharing your OTP or UPI PIN. The penalty for identity theft is imprisonment for up to three years and a fine of up to one lakh rupees. Impersonation: Impersonation is an offence under Section 416 of the IPC. Fraud Sellers Seller fraud happens when a seller tricks or deceives a buyer to make money unfairly. This could include things like: Taking payment but not delivering the product. Selling fake or damaged items while claiming they’re real or in good condition. Providing false or misleading information about the product to get a sale. Screen Monitoring Apps Some scammers use apps that secretly monitor your screen to capture sensitive information like your UPI PIN or OTP. They’re often used by parents to monitor kids, employers to watch employees, or for security purposes. They can capture screenshots, track apps, and even log keystrokes. SIM Cloning SIM cloning is when someone makes an exact copy of another person’s SIM card. A SIM card is a small chip in your phone that stores important information, like your phone number and contacts. Cloning a SIM card means creating a duplicate of that information, so someone else can use your phone number and access your calls, texts, and other services, usually without your permission. It’s a form of identity theft or fraud, and it can lead to privacy violations or financial loss. Malware Malware is short for “malicious software.” It’s a type of harmful software designed to damage, disrupt, or steal information from your computer, phone, or other devices. Think of it like a virus or a sneaky bug that gets into your device without you knowing and causes problems. Malware can steal your data, like passwords or credit card numbers, or it can slow down your device and make it stop working properly. Money Mule A “money mule” is someone who is used by criminals to transfer stolen money or illegal funds. In simple terms, it’s like being a middleman who helps criminals move money, often without knowing that it’s illegal. Here’s how it works: A criminal might trick someone into accepting money in their bank account or through other methods, then ask them to send that money to someone else, often overseas. The person doing this is called a “money mule.” They might think they are helping with a legitimate job or transaction, but in reality, they are unknowingly part of a crime. Deceiving UPI Handles “Deceiving UPI handles” refers to fake UPI (Unified Payments Interface) IDs that are designed to trick people into sending money to the wrong account. In simple terms, scammers create UPI IDs that look very similar to the ones of trusted people or organizations, like a friend or a well-known business. When someone tries to send money to the correct person, they accidentally send it to the scammer’s fake account instead. So, “deceiving UPI handles” are essentially fake payment IDs that are made to deceive and steal money from people. Collect Request Fraud “Collect Request Fraud” is a type of scam where a fraudster tricks someone into paying money by sending them a “collect request” through a payment platform, like UPI or other apps. Here’s how it works: The scammer sends

Shocking Cyber Slavery Expose Shakes India, Govt Vows To Crack Down

The ground-breaking investigation has uncovered a chilling web of cyber-crime syndicates operating out of Southeast Asia, exploiting thousands of Indian men and women. Lured by fake job offers, these victims are trafficked, tortured, and coerced into committing cybercrimes under duress. The report revealed the harrowing accounts of individuals who were enslaved and forced to target fellow citizens, deceiving them through fraudulent activities on platforms like WhatsApp. Operating from remote locations in Cambodia, Myanmar, and Laos, the syndicates use isolated beachside casinos and gated complexes to carry out their illegal operations. Victims, including Pradeep Kushwaha, were subjected to severe torture, including electric shocks and beatings, leaving them with no option but to comply. The investigation has sparked a swift response from the Indian government. The Home Ministry’s Cyber Security Wing (I4C) has initiated a nationwide effort to gather information on cyber slavery victims, while the Ministry of External Affairs has promised to take-action by collaborating with authorities in Cambodia and other countries involved. The Centre has also advised Indian citizens seeking overseas employment to avoid non-credible agents and only use those registered in the government portal. The hard-hitting expose has not only raised awareness about this dangerous global crime but also pushed the Modi government to take immediate action to protect India’s digital safety and curb the growing menace of cyber slavery.

Razorpay joins MHA to enhance cybersecurity in India

has collaborated with the Ministry of Home Affairs (MHA) and the Indian Cyber Crime Coordination Centre (I4C) to enhance cybersecurity in the digital payments sector in India. This partnership focuses on equipping businesses and consumers with crucial knowledge to safeguard themselves, while also raising nationwide awareness about cybersecurity challenges. Alarmingly, 85% of reported cybercrime cases involve financial fraud, highlighting the increasing risks in online transactions. Between January and April of 2024, victims collectively lost over USD 21.2 million to such crimes. Officials from the I4C, emphasized the initiative’s significance, stating that the partnership with Razor Pay combines their technological expertise with I4C’s strategic initiatives to strengthen the digital economy in India. Strengthening digital security As part of the collaboration, Razor Pay will spearhead an extensive awareness campaign, educating businesses and consumers on essential cybersecurity topics. According to the announcement, the platform has already established connections with more than 1,600 cybercrime stations across 25 states and union territories, creating robust communication networks to combat cybercrime. It has also conducted specialized workshops to share strategies for fraud prevention and showcase its capabilities. Officials from Razor Pay highlighted India’s rapid growth in digital payments, noting that the nation has a responsibility to ensure safe digital experiences for its growing population of new digital users. Cybersecurity is integral to national progress, especially in a country like India, which accounts for 46% of global digital payment volumes. The rise in digital transactions has been accompanied by increased risks, as seen in recent data from the National Cybercrime Reporting Portal, which recorded over 7,000 complaints daily from January to April 2024.

India Strengthens Cybersecurity Framework to Combat Rising Cybercrimes

The Central government has strengthened its fight against cybercrime by adopting a multi-pronged framework that would strengthen the country’s response to new digital threats. December 4, 2024: The Indian government has ramped up its efforts to tackle the growing threat of cybercrime, unveiling a multi-pronged framework aimed at addressing new digital challenges and protecting citizens from a wide range of online crimes. The proactive approach was highlighted by Union Minister of State for Home Affairs, Bandi Sanjay Kumar, in response to an unstarred question in the Lok Sabha today. The government’s strategy includes strengthening legal measures, bolstering investigative capabilities, and enhancing public awareness. At the heart of the government’s efforts is the Indian Cyber Crime Coordination Centre (I4C), a central mechanism for handling cybercrimes. Through this system, law enforcement agencies are empowered to report, investigate, and resolve cybercrime cases, including financial fraud, and crimes against women and children. One of the key innovations is the National Cyber Crime Reporting Portal, which allows citizens to report incidents online, with a special emphasis on crimes targeting vulnerable groups. The Citizen Financial Cyber Fraud Reporting System, introduced in 2021, has proven crucial in halting cyber fraud, saving over Rs 3,431 crore across nearly 10 lakh complaints. A toll-free helpline, 1930, has also been established to enable immediate reporting of financial cybercrimes. The Indian government has reinforced its legal framework to address digital threats with key legislation, including the Information Technology Act, of 2000, the Bharatiya Nyaya Sanhita, of 2023, and the POCSO Act, of 2012. According to the National Crime Records Bureau (NCRB), there were 17,470 reported cases of cyber fraud in 2022 alone, including 6,491 OTP fraud cases and 2,910 online banking frauds. In response to the growing sophistication of cybercrimes, the government has made significant investments in cyber forensics. The National Cyber Forensic Laboratory (Investigation) in New Delhi, along with a facility in Hyderabad, is providing state-of-the-art forensic assistance to law enforcement. Additionally, over 98,000 officers have been trained through the CyTrain portal, equipping them with specialized skills to handle cybercrimes. Cyber hygiene awareness campaigns have also been conducted nationwide, targeting government officials, youth organizations, and the general public. The government’s public awareness campaign includes mobile SMS alerts, social media outreach, and digital displays at public transport locations. Influencer collaborations and radio and newspaper campaigns have further amplified the government’s message. Additionally, measures have been taken to block international spoofed calls, which are often used in scams such as impersonation and fake arrests. As part of these efforts, more than 6.69 lakh SIM cards and 1.32 lakh IMEIs have been blocked. The Cyber Crime Prevention against Women and Children (CCPWC) scheme, a key component of the government’s cybersecurity strategy, has allocated Rs 131.6 crore to create forensic-cum-training laboratories and train over 24,600 personnel in awareness and investigation techniques. A special focus has been placed on cybercrime hubs, like Jamtara in Jharkhand and Hyderabad, where joint cyber coordination teams have been set up to enhance law enforcement collaboration.

Harness ‘double AI power’ to tackle high-tech crime: PM Modi

Prime Minister Narendra Modi on 01/12/2024 called upon the police and security establishment to harness India’s double AI power of Artificial Intelligence and ‘Aspirational India’ to thwart the threats from digital fraud, cybercrime, and AI technology, particularly the potential of deepfake to disrupt social and familial relations. Addressing the DGP and IG conference on a concluding day, the prime minister also emphasized the transformation of the police to SMART through strategic, meticulous, adaptable, reliable, and transparent action while urging the law enforcement agencies to modernize and realign themselves with the vision of ‘Viksit Bharat’. He appreciated the initiatives taken in urban policing and suggested that each initiative be collated and implemented entirely in 100 cities of the country. He called for the use of technology to reduce the constabulary’s workload and suggested that police stations be made the focal point for resource allocation. He also highlighted the need to expand the focus on port security and prepare a plan of action for it. Recalling the unparalleled contribution of Sardar Vallabhbhai Patel to the Ministry of Home Affairs, the prime minister exhorted the entire security establishment from MHA to the police stations, to pay homage to the great leader on his 150th birth anniversary next year, by resolving to set and achieve a goal on any aspect which would improve the image of police, professionalism and capabilities. The prime minister said wide-ranging discussions were held during the conference on national and international dimensions of security challenges. He expressed satisfaction with the counter strategies that emerged from the deliberations. He distributed the President’s police medal for distinguished service to officers of the Intelligence Bureau. Official sources said that in-depth discussions were held on existing and emerging challenges to national security, including counter-terrorism, left-wing extremism, cyber-crime, economic security, immigration, coastal security, and narco-trafficking. Emerging security concerns along the border with Bangladesh and Myanmar, trends in urban policing, and strategies for countering malicious narratives were also discussed. The conference was attended by Union Home Minister Amit Shah, National Security Advisor Ajit Doval, ministers of state for home Nityanand Rai and Bandi Sanjay Kumar, principal secretary to Prime Minister PK Mishra, and Union Home Secretary Govind Mohan. The conference, which was held in a hybrid format, was attended by DGPs of all states and Union Territories heads of the central armed police forces and central police organizations physically, and over 750 officers of various ranks virtually.

Man learns ‘cyber fraud tricks from YouTube’, dupes NRI of Rs 28 lakh

Palwinder Singh swapped Iqbal Singh’s SIM card for a duplicate one. Then he requested new debit cards linked to Iqbal Singh’s accounts and used the UPI platform to carry out numerous transactions. A man who duped an NRI of Rs 28 lakh after learning “cyber fraud tricks from YouTube” has been arrested, Ludhiana Police said on 26/11/2024. Iqbal Singh Sandhu, the NRI from Canada and a native of Ludhiana’s BRS Nagar discovered the fraud during his recent visit to India, the police said. Between May 12 and October 31, a total of Rs 28 lakh was siphoned from his three bank accounts without his knowledge, the police said. According to the police, the accused, Palwinder Singh, had worked as Iqbal Singh’s driver. Also, he additionally worked as a taxi driver. Investigations revealed that Palwinder Singh thoroughly planned the fraud after watching videos online that explained methods to access and transfer money from others’ bank accounts. DCP Jaskiranjit Singh Teja said that on May 11, Palwinder Singh drove Iqbal Singh to Amritsar airport for his flight to Canada. During their brief stopover at an eatery, Palwinder Singh swapped Iqbal Singh’s SIM card for a duplicate one. Unaware of the swap, Iqbal Singh replaced his Indian SIM with an international one after boarding the flight. With access to Iqbal Singh’s phone number and email password, Palwinder Singh allegedly applied his newly acquired skills. He requested new debit cards linked to Iqbal Singh’s accounts and used the UPI platform to carry out numerous transactions. He made payments at fuel stations and collected cash in return. He conducted various transactions via UPI, the police said. The DCP added that on November 13, Iqbal Singh filed a complaint with the cybercrime police, reporting unauthorized withdrawals. A detailed investigation led the police to Palwinder Singh, who confessed to the crime during questioning. The police have recovered Rs 13.58 lakh, along with several passbooks, checkbooks, and debit cards.

Govt blocks 6.69 lakh SIM cards, 1.32 lakh IMEIs to check cyber crimes

The Indian government has blocked over 669,000 fraudulent SIM cards and 132,000 IMEIs to combat cybercrime. The Centre has blocked 6.69 lakh SIM cards and 1.32 lakh International Mobile Equipment Identity (IMEI) numbers reported by police authorities to check cybercrimes in the country, Rajya Sabha was informed on 27/11/2024. In a written reply to a question, Minister of State for Home Affairs Bandi Sanjay Kumar said the central government and Telecom Service Providers (TSPs) have devised a system to identify and block incoming international spoofed calls displaying Indian mobile numbers appearing to be originating within India. “Cyber criminals have made such international spoofed calls in recent cases of fake digital arrests, FedEx scams, and impersonation of government and police officials,” the minister said. Directions have been issued to the TSPs for blocking such incoming international spoofed calls, he said. “Till November 15, 2024, more than 6.69 lakh fake SIM cards and 1.32 lakh IMEIs as reported by police authorities have been blocked by the government of India,” he said. The citizen financial cyber fraud reporting and management system under I4C was launched in 2021 to immediately report financial frauds and stop fraudsters from siphoning off funds, he said.”So far, more than Rs 3,431 crore has been saved in more than 9.94 lakh complaints,” he said.

Students asked to become ‘cyber citizens’ to prevent cybercrimes

Police have called upon students to become ‘cyber citizens’ and help the cyber cell officers prevent online fraud, which has been rising. At a program organized by NTR Police at Siddhartha Mahila College on 26/11/2024, Police Commissioner S.V. Rajashekar Babu cautioned the students about cyber offenses. Students performed a cultural show alerting the public on various online frauds being reported daily. Mr. Rajashekar Babu said the NTR Commissionerate Police were taking measures to enlighten the public on the ‘1930 Call Centre’, ‘Cyber Citizens Mobile App’, ‘National Cyber Crime Reporting Portal (NCRP)’, and the Indian Cyber Crime Coordination Centre to check cybercrimes. “I request the students to be a cyber citizen. We will train the youngsters on different types of cyber offenses, how to respond immediately to online fraud, steps to prevent cybercrimes, where to complain about fraud, and other topics,” Mr. Rajashekar Babu said. Senior police officers explained to the girls about ‘honey trap’, an App’, ‘fake share marketing trade App’, ‘digital arrest’, ‘job frauds’, ‘matrimonial frauds’, ‘fake ED and CBI calls’, and other cyber offenses. “Fraudsters are resorting to frauds through various modus operandi. People should have knowledge of cyber frauds and help the police to prevent such frauds,” Mr. Rajashekar Babu said. Police are planning to create cyber citizens from different sectors. Training will be given to the cyber citizens, who will create awareness among the public on online frauds and the steps to avoid fake and spam calls, he said. The students carrying placards raised slogans against online fraud. College principal S. Kalpana, Junior College principal Dr. S. Padmaja, faculty T. Nagarani, K. Sarala, R. Madhavi and police officers participated.