the cyber shark Archives - Page 17 of 18

Mahakumbh 2025: Cyber fraudsters dupe elderly man of Rs 1 lakh while booking tickets

MahaKumbh 2025: With over 40 crore pilgrims expected to arrive in Prayagraj, the authorities have extensive preparations for the mega-religious event. The MahaKumbh will be held here in Prayagraj between January 13 and February 26. The Mumbai police have registered a case against an unidentified person for allegedly duping a senior citizen to the tune of Rs 1 lakh on the pretext of booking a flight ticket to Prayagraj for the upcoming Maha Kumbha Mela, an official said on 07-01-2025. If you plan to visit the holy city Prayagraj to attend the Maha Kumbh Mela, you must stay alert for online fraudsters. An eye-opener case registered in Mumbai in which a cybercriminal targeted an elderly man. According to the Mumbai police, a case has been registered against an unidentified person for allegedly duping a senior citizen to the tune of Rs 1 lakh on the pretext of booking a flight ticket to Prayagraj for the MahaKumbh Mela. “The senior citizen, a businessman from Andheri, wished to attend the MahaKumbh in Prayagraj in Uttar Pradesh. While searching for booking options online, he came across a website. He called the number mentioned there and told the person about his travel requirements,” a Versova police station official said. The fraudsters asked him to pay Rs 14,000 for the accommodation arrangements for three people. Believing the offer, the victim transferred the amount. Soon afterward, the scammers asked if the complainant wanted flight tickets from Mumbai to Prayagraj and back, he said. They quoted an additional Rs 87,000 for flight bookings. Trusting them again, the victim’s son transferred the money online. However, they did not give the flight tickets to the victims, he said. Realizing that they had been duped, the complainant approached the police and filed a complaint. The police have registered a case against unidentified persons and are investigating the matter, an official added. The Maha Kumbh Mela 2025 will begin on January 13 and is set to conclude on February 26.

Gmail’s Holiday Scam Defense: How AI is Keeping Your Inbox Safe

As the holiday season kicks into full gear, so does a rising wave of email scams. Scammers seize this time of year, using deceptive tactics to trick people into giving away sensitive information or money. Whether it’s fake invoices, celebrity endorsements, or malicious threats, these fraudulent emails are everywhere. If you’re a Gmail user, you’re in luck. Google has ramped up its defenses, fighting back with new, innovative AI technology designed to protect billions of inboxes—especially during this high-risk season. Here’s a look at how email scams is stepping up its game to combat these scams and what you can do to stay safe in your inbox. Scammers Go into Overdrive This Holiday Season Every year, as the holiday season approaches, email scammers go into overdrive. With billions of emails exchanged daily, especially during sales events like Black Friday and Cyber Monday, the sheer volume of email traffic presents a perfect storm for scammers to launch their attacks. Since mid-November, we’ve seen a massive uptick in suspicious email activity, making it even harder to spot malicious messages. It’s no surprise that scammers are targeting holiday shoppers—whether it’s an urgent invoice, an enticing offer from a “celebrity,” or a threatening message to extort money. The holidays make people feel hurried and vulnerable, making them easy prey for these deceitful tactics. Email Scams Security Features: Keeping You Safe from Scams As the world’s largest email provider with over 2.5 billion users, Gmail recognizes the responsibility it has in keeping users safe. Over the years, Gmail has invested heavily in security measures to combat spam, phishing, and malware, blocking over 99.9% of these threats before they even reach your inbox. These efforts are especially crucial during the holidays, as the volume of attacks increases. email scams has seen a 35% decrease in the number of scams reaching users’ inboxes this holiday season compared to last year. This improvement is largely thanks to new AI-powered features rolled out over the past year, which have made Gmail’s defenses stronger than ever. How AI is Transforming Gmail’s Defense Against Scams AI is at the heart of email scams defense against scams, leveraging advanced models to protect users from a wide variety of threats. One such model is a large language model (LLM) that’s been trained to recognize the subtle patterns of phishing, malware, and spam. This AI has made a huge difference, blocking 20% more spam than ever before and reviewing 1,000 times more user-reported spam each day. This means fewer unwanted and potentially dangerous emails slip through the cracks. Additionally, a newly introduced AI model acts like a “supervisor” to help filter out risky messages. By instantly evaluating hundreds of threat signals when a suspicious message is flagged, it deploys protections in the blink of an eye, ensuring quicker and more effective detection of potential scams. Top Scams to Watch Out for This Holiday Season While Gmail’s defenses are stronger than ever, users need to stay vigilant. Scammers are always adapting and trying new tactics. Here are the top three email scams that are making waves this holiday season: Invoice ScamsScammers send fake invoices claiming that you owe money for a product or service. These emails often ask for urgent action, and scammers may even go as far as to convince victims to call and dispute the charges, using that connection to further trick them into making payments. Celebrity ScamsMany scams this year feature celebrity names—whether pretending the email is from the celebrity themselves or claiming they endorse a product or service. The goal is to exploit the trust people have in famous personalities to convince them to act on fraudulent offers. Extortion ScamsThese vicious scams involve threats, such as emails with personal information (like your home address or even a picture of your house). Some of these emails include threats of harm or blackmail, demanding money in exchange for keeping supposedly acquired personal material secret. 4 Simple Tips to Stay Safe This Holiday Season While Gmail’s defenses are incredibly effective, scammers are always evolving. It’s just as important for you to be cautious when handling emails. Here are four simple tips to stay safe: Slow it DownScams often create a sense of urgency with phrases like “immediate action required” or “deactivate now.” Take a deep breath and think through the message before you act. Spot CheckDouble-check the details. Does the email make sense? Validate the sender’s email address to ensure it’s legitimate. Scammers often use addresses that seem close to real ones but have small discrepancies. Stop! Don’t SendLegitimate companies or people will never demand immediate payment or personal information through email. If you’re unsure, don’t respond—just delete the message. Report Suspicious EmailsIf you spot a suspicious email, report it as spam or phishing in Gmail. Doing so not only helps protect you, but it also helps Gmail improve its security defenses for all users. Conclusion: Stay Safe and Secure with Gmail The holiday season may bring festive cheer, but it also brings an uptick in malicious email activity. Gmail’s new AI technology is designed to fight back against these threats, blocking millions of harmful emails before they reach your inbox. However, staying vigilant and following basic email security tips can further ensure that you don’t fall victim to scams. By working together—whether it’s email scams powerful defenses or your awareness—you can keep your inbox secure this holiday season and beyond. Stay safe, stay informed, and report any suspicious emails to help keep the digital world safer for everyone.

Chinese Hackers Double Cyber-Attacks on Taiwan

Taiwanese government networks experienced a daily average of 2.4 million cyber-attacks in 2024, most of which were attributed to Chinese state-backed hackers. This represents double the daily average from 2023 which saw 1.2 million daily attacks targeting government networks, Taiwan’s National Security Bureau said in a new report. “Although many of those attacks have been effectively detected and blocked, the growing numbers of attacks pinpoint the increasingly severe nature of China’s hacking activities,” the Bureau warned. The report also highlighted a substantial rise in People’s Republic of China (PRC) cyber-attacks targeting critical industries in Taiwan. These include telecommunications (650% increase), transportation (70%), and defined supply chain (57%). Security researchers have also observed significant Chinese cyber-attack activity in Taiwan over recent years amid rising geopolitical tensions around the Island territory’s self-governing status. How Chinese Hackers Target Taiwan The report highlighted a range of techniques employed by People’s Republic of China (PRC) hackers and noted that attacks against Taiwanese government agencies are typically designed to steal confidential data. The Bureau said the People’s Republic of China (PRC) hackers often exploit vulnerabilities in Netcom devices and utilize evasion techniques such as living off the land. Social engineering techniques have also been deployed which target the emails of Taiwanese civil servants for espionage purposes. China uses a range of tactics to infiltrate and compromise Taiwan’s critical infrastructure systems, such as highways and ports, to disrupt the Island’s transportation and logistics. Other cyber-attack tactics include phishing attacks, compromise of zero-day vulnerabilities, and use of Trojans and backdoors. Additionally, DDoS attacks are used to “harass” and “intimidate” Taiwan when carried out in the Island’s transportation and financial sectors. At the same time, China conducts military drills in the area, the Bureau noted. Other commonly observed Chinese attacks against Taiwanese targets include: Ransomware and other cybercrime techniques against manufacturing companies Theft of information about patented technologies developed by start-ups Stealing personal data of Taiwanese nationals and selling that information on the dark web The Bureau said the hack and leak of Taiwanese citizens’ data helps generate profits and are also designed to undermine the credibility of the Taiwanese government. “China has continued to intensify its cyber-attacks against Taiwan. By applying diverse hacking techniques, China has conducted reconnaissance, set cyber-attack ambushes, and stolen data through hacking operations targeting Taiwan’s government, critical infrastructure, and key private enterprises,” the Bureau wrote. The report also highlighted the success of Taiwan’s joint security defines a mechanism for ensuring that threat information is shared in real-time among intelligence sources and government agencies.

How to Protect Yourself Social Engineering Cyber Fraud

The biggest weakness for cyber fraud in cybersecurity strategy is humans, and social engineering takes advantage of a targeted user’s inability to detect an attack. In a social engineering threat, an attacker uses human emotion (usually fear and urgency) to trick the target into acting, such as sending the attacker money, divulging sensitive customer information, or disclosing authentication credentials. What is Social Engineering? Social engineering is the technique where unscrupulous actors manipulate, deceive, or influence an individual into divulging confidential information like personal or financial information. These include bank account information, passwords, transaction history, social security numbers, etc. These techniques can also manipulate individuals into performing specific actions that “help” the fraudster. For example, if someone tells you to download a particular app or software or share an OTP you received. Social engineering, by itself, isn’t an attack. It is the art of using psychological tactics to build trust and then using that information to commit crimes like theft, money laundering, account takeovers, remote takeovers, etc. The Global Impact of Social Engineering Social engineering has become a key element in the landscape of cyber fraud. It has become the primary technique behind many attacks targeting individuals, businesses, and government organizations. A report by the Association of Certified Fraud Examiners (ACFE) revealed that businesses lose up to 5% of their revenue every year due to fraud, and a significant portion of these frauds can be attributed to social engineering tactics. In India alone, the Reserve Bank of India (RBI) reported an alarming increase in fraud, with digital frauds rising by over 700% in recent years. Social engineering is not limited to the financial sector, although that is where the majority of its consequences are felt. Cyber-attacks based on social engineering techniques have far-reaching consequences: In India, bank frauds increased by nearly 300% over the last two years, with a major surge in digital frauds. A LexisNexis survey found that digital channels were responsible for 52% of overall fraud losses across the EMEA region. Social engineering attacks affect both businesses and individuals. Not only do victims suffer financial losses, but they also face emotional distress, feelings of guilt, and a lack of trust. Victims often hold themselves accountable, particularly in lower-income households, where such attacks can have a devastating impact on family dynamics. For businesses, the consequences go beyond financial losses; the erosion of consumer trust and the potential for high customer churn are significant challenges. For instance, the LexisNexis survey highlighted that 96% of companies in the Middle East reported a drop in customer conversion rates after incidents of fraud. Social Engineering Examples Social engineering attacks can take many forms, targeting both individuals and organizations: On an Individual Level: A retired Indian Administrative Service (IAS) officer fell victim to a scam where he was tricked into investing in a fake forex trading scheme. He ended up losing nearly Rs. 1.89 crore to the cyber fraud. On a Corporate Level: The CEO of OCBC Bank, Helen Wong, described how her company battled against sophisticated phishing attacks, resulting in fraudulent transfers amounting to millions of dollars. National Security Level: Russian hacking groups have reportedly targeted Ukraine with multiple spear-phishing campaigns aimed at disrupting national security. The ripple effect of social engineering is significant. Victims may unwittingly become money mules, transferring illicit funds to further criminal activities. The emotional toll, combined with the financial impact, can be long-lasting. Common Social Engineering Tactics Fraudsters employ a variety of social engineering tactics to manipulate their victims for cyber fraud. Some of the most common methods include: 1. Phishing Phishing is one of the most prevalent social engineering techniques. Fraudsters send fraudulent emails that appear to be from legitimate sources. These cyber fraud emails often contain malicious links designed to: Direct victims to fake websites to steal login credentials. Download malware onto the victim’s device, leading to account takeovers. Phishing is not limited to emails; it also manifests in other forms, such as smishing (SMS phishing) and vishing (voice phishing). In India, where literacy and email usage are lower, vishing is particularly dangerous. 2. Whaling Whaling is a form of phishing that specifically targets high-profile individuals, such as CEOs or other executives. The emails are often meticulously crafted to appear as if they come from trusted sources within the company. The goal is to steal sensitive information or request financial transfers. 3. CEO Scam This cyber fraud involves fraudsters impersonating high-level executives of a company, often through email or text messages. Employees of the targeted company may be tricked into following directives from the supposed CEO, such as transferring funds or sharing sensitive data, under the belief that the request is legitimate. 4. Baiting Baiting involves offering something enticing, like free software, services, or rewards, to lure the victim into a trap. The “bait” might include malicious files, which when opened, compromise the victim’s device. Physical baiting involves leaving infected USB drives in public places, hoping someone will pick them up and plug them into a device, unwittingly exposing themselves to cyber fraud threats. 5. Quid Pro Quo This tactic involves offering a service or benefit in exchange for personal or confidential information. For example, attackers may pose as IT support personnel, offering to help resolve technical issues in exchange for login credentials or other sensitive data. 6. Pretexting Pretexting involves creating a fabricated scenario to persuade the victim to share confidential information. This can involve impersonating trusted figures like police officers, bank officials, or colleagues. Over time, attackers build trust with the victim before executing their fraudulent schemes. Who are the Most Likely Targets of Social Engineering? While anyone can fall victim to social engineering attacks, certain groups are more vulnerable: The Elderly: Older adults are often less familiar with digital technologies , cyber fraud and cybersecurity practices, making them more susceptible to fraud. Common scams targeting seniors include fake government agent impersonations and investment scams. Young Adults and Teenagers: While they may be more tech-savvy, younger individuals often lack experience and may fail to

Tech wrap Jan 6: OnePlus 13 launch, Samsung Vision AI for TVs, Redmi 14C

This January brings exciting launches from top brands. On January 7, OnePlus unveils its flagship 13 series at a live event. Samsung introduces Vision AI for smarter TVs, while Xiaomi rolls out the budget-friendly Redmi 14C 5G. Realme teases its 14 Pro series 5G, launching on January 16. LG also showcases its OLED EVO TVs with built-in AI and new lifestyle projectors. Stay tuned for these groundbreaking tech releases! What to expect from the OnePlus 13 series launch on Jan 7 OnePlus, the Chinese smartphone maker, is gearing up to reveal its latest flagship smartphones in the OnePlus 13 series at the Winter Launch Event on January 7. The event will be held in person, starting at 9 PM IST, and will also be streamed live on the official OnePlus India YouTube channel. Samsung brings on-device AI features to TVs with ‘Vision AI’ At CES 2025, Samsung unveiled advanced AI technology for its 2025 TV line-up, introduced under the name “Vision AI.” These features were revealed at Samsung’s CES 2025 First Look event. The company also highlighted collaborative efforts with Microsoft and Google, integrating new functionality into its entertainment devices, including speakers and soundbars. Xiaomi has introduced the Redmi 14C 5G, a budget-friendly smartphone, in India. Powered by the Qualcomm Snapdragon 4 Gen 2 processor, the device supports dual 5G SIMs. With prices starting at Rs 9,999, the phone boasts a “Premium Starlight Design” and a glass back panel for a refined look. Realme 14 Pro series 5G launching on Jan 16 in India-inspired colorways Realme has announced the launch of its 14 Pro series 5G smartphones in India on January 16. The company also unveiled the first glimpse of the smartphones, showcasing new colors inspired by India – Bikaner Purple and Jaipur Pink. Samsung unveils AI-powered Neo QLED TVs, The Frame Pro, and more Samsung showcased a range of new entertainment devices at CES 2025 in Las Vegas, USA. Alongside its “Vision AI” features, the company introduced Neo QLED, OLED, and QLED TVs, as well as “The Frame Pro.” A new interactive triple-laser ultra-short-throw projector also made its debut. LG brings OLED EVO TVs with built-in AI, new lifestyle projectors LG unveiled its 2025 OLED Evo TV series at CES 2025, featuring innovations like the wireless OLED Evo M5 and OLED Evo G5 models. The new TVs are equipped with AI-driven personalization features designed to create customized viewing experiences. LG also introduced lifestyle projectors, adding versatility to its product line-up.

How to Protect Yourself Against the Growing Threat of AI Voice Cloning Fraud

Synopsis Voice cloning replicates your voice and can mimic the tone, pitch, and style of talking. Fraudsters use voice Cloning Fraud to scam you into sharing sensitive information like your account details. Creating awareness and being alert can help you steer clear of vice cloning frauds. In recent years, advancements in artificial intelligence (AI) and machine learning have made it possible to replicate voices with stunning accuracy. Voice cloning technology can now replicate the tone, pitch, and style of your voice, even making it indistinguishable from the real thing. While these advancements are beneficial for various industries, they also open the door for potential fraud and scams. Fraudsters use this technology to impersonate others and trick victims into sharing sensitive information like passwords or bank account details. What Is a Voice Cloning Scam? Voice cloning Fraud involve fraudsters using AI to create a synthetic version of someone’s voice. The technology can accurately mimic not just the words but the unique qualities of a person’s voice, including tone, pitch, and speaking style. Scammers use this technology to impersonate trusted individuals, such as bank officials, family members, or colleagues, to deceive victims into taking harmful actions—like transferring money, sharing personal information, or authorizing transactions. While voice cloning can have legitimate uses in entertainment, education, and customer service, its misuse has led to serious concerns about privacy and security. It’s important to be aware of the risks and take steps to protect yourself. Key Risks of Voice Cloning Fraud Here are some of the primary risks associated with AI voice cloning fraud: Financial Fraud: Scammers can use cloned voices to impersonate bank officials, convincing victims to transfer money or reveal sensitive financial details. Since voice recognition is commonly used for identity verification, a cloned voice can bypass traditional security checks. Identity Theft: Cloned voices can be used to extract personal information, which may then be leveraged to steal someone’s identity. Fraudsters may impersonate you to access personal accounts or make unauthorized purchases. Corporate Espionage: Voice cloning technology can also be misused in corporate environments. Scammers may impersonate executives or employees to steal sensitive corporate information, potentially leading to significant financial or intellectual property losses. Social Engineering Attacks: By mimicking the voice of a trusted individual, scammers can manipulate you into actions you would otherwise avoid, such as disclosing passwords, making payments, or even sharing confidential business information. Protecting Yourself Against AI Voice Cloning Fraud While voice cloning Fraud are a serious threat, there are steps you can take to protect yourself. It requires a combination of technological solutions, awareness, and personal vigilance. Technological Solutions Voice Biometric Systems: Robust voice biometric systems are designed to detect synthetic voices and distinguish between real and cloned voices. These systems analyze various characteristics, such as speech patterns, rhythm, and tone, to authenticate a speaker’s identity. AI Fraud Detection: AI-driven solutions can identify anomalies in voice patterns and flag potential fraud. These tools use advanced algorithms to recognize subtle differences between a natural voice and a cloned one, helping prevent cloning Fraud before they occur. Encrypted Communication Channels: Make sure your voice data is protected by encryption. This prevents voice samples from being intercepted and used to create voice clones. Secure communication channels ensure that any voice samples captured are safe from unauthorized access. Multi-Factor Authentication (MFA): Combining voice recognition with additional security measures, like passwords, biometrics, or One-Time Passwords (OTPs), can significantly strengthen security. Relying on voice alone is no longer enough—MFA provides a second layer of protection. Public Awareness and Education Raise Awareness: Public service announcements, workshops, and online resources can help individuals understand the risks of voice cloning. Awareness campaigns can empower people to take action before becoming victims of a cloning Fraud. Train Employees: Companies, especially those in sensitive sectors, should train employees to recognize and respond to voice cloning attempts. This includes verifying callers and being cautious when handling financial transactions or sensitive data. Verify Caller Identity: Encourage people to always verify the identity of anyone calling, especially when they are asked to share sensitive information. Call the person back using a known phone number or request secondary verification methods before proceeding. Steps You Can Take to Protect Yourself Here are some simple yet effective steps you can follow to safeguard yourself from AI voice cloning fraud: Verify the Caller’s Identity: Always double-check the identity of a caller before sharing any sensitive information. If the caller claims to be someone you know, such as a family member or colleague, call them back on a trusted phone number. Be cautious when receiving unsolicited requests for sensitive information, especially over the phone. Be Mindful of Public Voice Sharing: Avoid posting voice recordings online or sharing them on social media, as these can be used to create clones. Be cautious with voice assistants like Siri or Alexa, which may store your voice data. Enable Multi-Factor Authentication (MFA): Whenever possible, enable MFA on your online accounts. Use a combination of factors—such as passwords, text message codes, and biometric verification—along with voice authentication for better protection. Update and Strengthen Your Passwords: Regularly update your passwords and use strong, unique passwords for each account. Avoid using easily guessable information like your name, birthdate, or common phrases. Monitor Your Bank Statements: Stay vigilant by regularly reviewing your bank statements and transaction histories. Report any suspicious activity immediately to your bank or relevant financial institutions. Stay Informed About New Technologies: Keep yourself updated on the latest developments in voice cloning and AI technology. Understanding how these technologies work can help you recognize potential threats and respond accordingly. Conclusion AI voice cloning offers great potential but also significant risks, especially in fraud and identity theft. Scammers use it to impersonate trusted individuals and trick victims into revealing sensitive information or authorizing transactions. To reduce the risk of falling victim to voice- cloning Fraud , stay informed and follow protective steps. Be proactive—use technological safeguards, raise awareness, and stay vigilant when sharing sensitive information. Always verify identities and be cautious of unusual

Beware of online sextortion: boys and girls

Online Sextortion occurs when a fraudster threatens to circulate your private and sensitive material online if you do not provide images of a sexual nature, sexual favors, or money. The perpetrator may also threaten to harm your friends or relatives by using information they have obtained from electronic devices unless you comply with their demands. Sextortion is a form of Online Sextortion abuse, wherein the cybercriminal makes use of various channels like instant messaging apps, SMS, online dating apps, Online Sextortion media platforms, porn sites, etc., to lure the users into intimate video/audio chats and makes them pose nude or obtains revealing pictures from them. The fraudsters later make use of this material to harass, embarrass, threaten, exploit, and blackmail the victims. Dangers Abuse and Exploitation Harassment Blackmail Threats of public humiliation Mental distress Modus Operandi The fraudsters try to lure the users into sharing intimate content in different ways posting messages for video/audio chat using fake accounts/profiles creating pages/ad campaigns The users get victimized when they pay for such services and pose nude or in a compromising position in video calls accepts or sends friend requests to the fake account/profile and is involved in intimate interaction posing nude in video chats, sending revealing pictures, etc., The fraudster records video/ takes screenshots/ takes pictures/makes use of revealing pictures/morphs the pictures sent The fraudster starts blackmailing the victim leading to sextortion. The users of porn sites may also fall prey to sextortion when their chats/video calls on porn sites are used for blackmail by fraudsters. Channels used for trapping the victims into sextortion The fraudsters resort to sextortion following the modus operandi given above using various channels like – Messaging apps Dating apps Online Sextortion media platforms Porn sites etc., Warning signs indicate attempts of sextortion by cybercriminals Repeated untoward messages/video calls from unknown number/s Repeated friend requests from an unknown person Repeated requests for private intimate pictures, video chats, photos Manipulating or redirecting the conversation toward intimate topics Rush through the things and try to develop intimacy Warning signs that may indicate victimization Signs of fear, nervousness, anxiety, depression Isolating self and being very reactive & emotional Feeling desperate and frustrated Having suicidal thoughts and self-harming behavior. Safety tips to protect yourself against online sextortion Never share any compromising images, posts, or videos of yourself with anyone, no matter who they are Remember that the internet never forgets or forgives. If you have shared something once, it will remain present on the Net forever, in one form or the other. Never accept or request friendship from unknown people on social media platforms. Enable privacy and security features on your Online Sextortion media accounts and instant messaging apps. Use the “Report User” option on Online Sextortion media platforms to report any such Do not share your personal/private pictures publicly. Turn off your electronic devices and web cameras when you are not using them. Use two-factor authentication with strong passwords and different passwords for different social media accounts. During an Online Sextortion interaction or chat, if the person on the other side is trying to rush through things and develop intimacy, then it is cause for alarm. Never allow anyone, however close to capture any private part or intimate activity with any device. Such data can be misused at a later stage. Do not accept video calls or open attachments from people you do not know. Save the evidence and the screenshots for referring to the incident later. Do not suffer in silence, know that you are not alone, and reach out and seek help from trusted family and friends. File a complaint against sextortion Online Sextortion or at your nearest cybercrime cell. Remember that you can also anonymously file an Online Sextortion complaint against such an offense on the national cybercrime reporting portal cybercrime.gov.in. Avoid clicking intimate/nude/semi-nude photos/videos on your phone, which if leaked could cause embarrassment. Several rouge mobile apps could access your gallery/storage and can be used to blackmail you. Don’t hesitate to file a complaint or contact the police due to shame, embarrassment, and self-blame. Know what the Law Says about this offense? It is a punishable offense by law and attracts sections 354 (D), 506 / 507, 509 IPC, and 384 IPC, and Sec.67 of the IT Act is also applicable. Offenders in such crimes usually thrive on the victim’s silence and lack of clarity in the law. Hence, everyone needs to be aware of the codes and sections that will help them in such cases. Section 108(1)(i)(a) of the Criminal Procedure Code empowers the victim to call the magistrate of her locality and inform him/her about the person whom she believes could circulate any obscene matter. The magistrate has the power to detain such person(s) and can order him to sign a bond to stop him from circulating the material. This might deter the accused. This is a quick remedial section because the victim can complain to the magistrate without any direct evidence against the accused. Section 292 of the Indian Penal Code (IPC) incriminates any person who distributes or threatens to disperse any intimate and compromising images of someone through any electronic means, including apps and other social media. If a picture of the woman is clicked obscenely without her knowledge and is distributed, a voyeurism case under Section 354C of the IPC can also be filed along with the aid of other relevant sections from the Information Technology Act.

Catfisher Nabbed in Delhi: Cyber Crime Unveiled in Online Dating Case

A Delhi University student fell victim to a Cyber Crime when a supposed U.S.-based model. she met on a dating app conned her into sharing explicit content, which he later used for extortion. Delhi police have arrested the 23-year-old accused, revealing a shocking online scam operation. A college student from Delhi University was allegedly targeted by a cybercriminal posing as a U.S.-based freelancer model on an online dating platform. The Cyber Crime victim, who met the suspect on Bumble, was misled into sharing private photos and videos, which the accused threatened to leak unless paid, according to police reports. The scam came to light when the victim, pressured by continuous extortion threats, alerted her family and subsequently lodged a complaint with the PS Cyber Crime West police department. Authorities swiftly launched an investigation, identifying the perpetrator as Tushar Bisht, a 23-year-old resident of Delhi. During his arrest in Shakarpur, East Delhi, Bisht confessed to using a virtual international mobile number to contact multiple women on platforms like Bumble and Snapchat. Presenting himself with fake credentials and profiles, he extorted several victims by threatening to release their private content unless they paid him. Detailed interrogation revealed Bishtr’s connection with numerous victims, highlighting the severity of his deceit. Originally motivated by amusement, his actions escalated to a systematic extortion scheme. The police have emphasized the importance of online safety and awareness, particularly for young women engaging in digital communications. This arrest highlights the increasing threat of online scams and underscores the need for vigilance on digital platforms, as authorities continue to combat cybercrime efforts.

10 the Top News Stories and Cybersecurity of 2024

The ransomware juggernaut rolled inexorably in 2024, yet again, leaving more devastated Cybersecurity in its wake. This year, the UK’s NHS found itself at the receiving end of some particularly nasty attacks, but there were other high-profile victims as well. Meanwhile, state-backed cyber intrusions from China and Russia continued apace, driven by global geopolitical uncertainty. Many long-running Cybersecurity espionage campaigns were exposed. But if 2024 proved one thing only, it was that shining a light on the cyber underworld is working. The British are coming for the bad guys, as new attributions from the National Cybersecurity Centre (NCSC), takedowns led by the National Crime Agency (NCA), and proposed legislation highlighting ransomware threats to critical sectors is proving. If 2024 is remembered for anything in the cyber community, it may just be the year in which the good guys took the gloves off and fought back properly. Here are Computer Weekly’s Top 10 Cyber Crime stories of 2024. British Library ransomware attack could cost up to £7m The effects of the British Library ransomware attack at the end of 2023 continued to be felt into 2024 as the venerable institution continued to struggle to bring its crippled systems back online. In January 2024, it emerged that the scale of the ransomware attack was so immense and its effects so devastating, that it could end up costing the British Library up to £7m, dwarfing the £650,000 ransom demand. Later in the year, in a remarkable display of transparency, the British Library’s leadership published a detailed breakdown of their experience at the hands of the Rhysida ransomware crew, to help others learn and understand. SolarWinds hackers attack Microsoft in apparent recon mission Also in January, Cosy Bear, the Russia-backed hacking outfit behind the SolarWinds Sunburst incident, was back in action, breaking into Microsoft’s systems with a brute force, password spraying attack and from there accessing corporate accounts belonging to leadership and Cybersecurity employees. Microsoft is one of some suppliers that finds itself at the receiving end of such intrusions, thanks in part to its global reach and scale, and its in-depth relationships with Western governments, and has faced tough questions over its Cybersecurity posture in recent years as a result. Lock Bit locked out in NCA-led takedown One of the biggest stories of the year unfolded dramatically on a dull February day when the infamous Lock Bit ransomware gang was taken down and its infrastructure hacked and compromised in Operation Cronos, led by the UK’s National Crime Agency (NCA). In the immediate aftermath of the takedown, Computer Weekly took the temperature of the Cybersecurity community, finding upbeat sentiment, but also tempered by the knowledge that one swallow does not make a summer. Throughout the year, the NCA has been sharing a trove of information it gathered during the exercise, as well as taking time to mock and troll Lock Bit’s leader since named as Dmitry Khoroshev, who at one time boasted of his luxury lifestyle as he toyed with law enforcement. Mandiant formally pins Sandworm cyber-attacks on APT44 group In April, threat intel leaders Mandiant formally “upgraded” the malicious activity cluster known as Sandworm to a full-blown, standalone advanced persistent threat (APT) actor to be tracked as APT44 – other companies have different taxonomies, Mandiant’s is alphanumeric. APT44 is run out of Russia’s Main Intelligence Directorate (GRU) within Unit 74455 of the Main Centre for Special Technologies (GTsST) and is described as one of the most brazen threat actors around. Although it confines its activities to those in service of the Russian state rather than financially motivated criminality, the links between cybercrime and cyber espionage continued to blur during 2024, with some nation-state APTs even acting as initial access brokers (IABs) for ransomware gangs. NHS services at major London hospitals disrupted by cyber attack In early June, a major cyber-attack on Synovia, a pathology lab services provider that works with Guys and St Thomas’ and King’s College hospitals in London, as well as other NHS sites in the nation’s capital, was laid low by a Qulin ransomware attack. This intrusion resulted in a major incident being declared in the NHS, with patient appointments and surgeries cancelled, and blood supplies running dangerously low. The ramifications of this truly callous cyber-attack are still being felt six months on. UK Cyber Bill teases mandatory ransomware reporting All eyes were on Westminster in July for the first King’s Speech held under a Labour government in over a decade , and for the Cybersecurity community, there was plenty to pick over as Keir Starmer’s administration proposed implementing compulsory cyber incident reporting – including ransomware – for operators of critical national infrastructure (CNI), in a new Cybersecurity and Resilience Bill. According to the government for Cybersecurity , the law will expand the remit of existing regulation give regulators a more solid footing when it comes to protecting digital services and supply chains, and improve reporting requirements to help build a better picture of Cybersecurity . The Bill will likely be introduced to Parliament in 2025. NCSC and allies call out Russia’s Unit 29155 over cyber-warfare In September, the UK and its Five Eyes allies joined forces with the European Union (EU) and Ukrainian cyber authorities to highlight a dastardly campaign of cyber espionage conducted by Unit 29155, another Russian APT. Unit 29155 targets victims to collect information for espionage purposes, sabotages websites and daily operational capabilities and tries to cause reputational damages by selectively leaking important data. It has conducted thousands of exercises across NATO and the EU with a notable focus on CNI, government, financial services, transport, energy, and healthcare. It is also particularly notable for its involvement in the Whisper Gate campaign of destructive malware attacks against Cybersecurity to Ukraine in advance of the 2022 invasion. Money transfer firm MoneyGram rushes to contain cyber attack US-based financial services and money transfer outfit MoneyGram was another high-profile cyber attack victim to emerge in 2024, with its systems taken down in an apparent ransomware attack in September 2024.

Bank official among four held for siphoning Rs 12 crore from Bengaluru firm’s accounts

Investigations revealed the gang was transferring Rs 12.30 crore across multiple cyber criminals accounts, with similar cases filed against them in 12 police stations across eight states. Bapatla police have arrested two cyber criminals who transferred over Rs 74 lakh into fraudulent accounts, with two main suspects still at large. The arrests were announced by Bapatla District Superintendent of Police (SP) Tushar Dudi during a press conference on 02-01-2025. The victim, G Sri Lakshmi Vara Prasad Rao, a retired professor from Chundur, reported the cyber criminals after unknown individuals falsely accused him of money laundering and siphoned Rs 74 lakh from his bank account. Police promptly froze the accounts and launched an investigation. Amid rising cybercrime cases, SP Dudi formed special teams led by IT Core Sub-Inspector (SP) Naib Rasool and Chundur Circle Inspector (CI) Srikanth. The teams traced the suspects to Rajasthan and Mumbai, arresting Ramesh (A3) and Shrawan Kumar (A4), both from Rajasthan, while the primary accused, Akash Kulhari and Sriva Prasad, remain at large. Investigations revealed the gang was involved in transferring Rs 12.30 crore across multiple fraudulent accounts, with similar cases filed against them in 12 police stations across eight States, including Andhra Pradesh, Karnataka, Maharashtra, Odisha, West Bengal, Gujarat, Telangana, and Rajasthan. Ramesh and Shrawan are accused of transferring Rs 15 lakh and Rs 35 lakh, respectively, across several cases. Police seized Rs 7 lakh in cash, 24 ATM cards, and 11 checkbooks, and froze Rs 17.90 lakh in accounts linked to the suspects. The gang is believed to have defrauded victims of Rs 10 crore in 43 cases across 39 districts in 18 States, as recorded on the National Crime Records Bureau (NCRB) portal. The SP warned the public about such cyber scams, clarifying that ‘cyber criminals’ do not exist. He urged victims to immediately report cybercrimes by calling 1930. The SP commended the efforts of the IT core team, special squads, and police personnel in cracking the case, emphasizing ongoing efforts to apprehend the remaining suspects.

the cyber shark