Professional Documents
Culture Documents
Cyber Crime Survey, 2023
Cyber Crime Survey, 2023
CYBERCRIME TRENDS
IMPACTING INDIA
INTRODUCTION
In an era defined by digital connectivity and technological advancements, the realm of cyberspace has become both
a boon and a challenge. As the world increasingly relies on digital platforms for communication, commerce, and
information sharing, the spectre of cybercrime has risen in tandem, casting a shadow on the promise of the digital
age. India, a nation rapidly embracing digital transformation, finds itself at the crossroads of innovation and
vulnerability, grappling with the surge of cybercrimes that have unfolded between January 2020, and June 2023.
This whitepaper by IIT Kanpur incubated Future Crime Research Foundation (FCRF) delves into a comprehensive
analysis of the data, presenting a meticulous examination of the alarming trends in cybercrime across various
categories and subcategories along with cybercrime hotspots and emerging centres. This document serves as a
crucial resource for understanding the intricate nuances of cyber threats that have besieged the Indian digital
landscape. By distilling complex data into insightful narratives, this whitepaper aims to illuminate the realities of
the evolving cybercrime landscape, offering insights that resonate with both experts and the general public alike.
This whitepaper stands as a testament to the power of communication, as it translates statistical increases into
narratives that inspire action. By shedding light on the alarming rise of cybercrime and hotspots, we aim to
empower readers with knowledge, engender a sense of urgency among stakeholders, and advocate for the
implementation of robust cybersecurity measures that safeguard India's digital future.
The ensuing sections dissect each category and subcategory of cybercrime, unravelling the numbers to tell a
compelling story of the challenges that lie ahead. From the nefarious world of impersonation and fraud to the
intricate realm of financial deception, hacking, and digital disruption, this whitepaper unveils a panoramic view of
India's cybercrime landscape. Through meticulous analysis and precise language, we endeavour to present a report
that not only informs but also compels action – an action that is essential to secure the integrity of digital
interactions, protect individuals from harm, and fortify the nation's digital infrastructure.
The objective of the whitepaper is to offer an all-encompassing examination of distinct categories of cybercrime,
which include Online and Social Media Related Crime, Online Financial Fraud, Hacking/Damage to Computer,
Computer Systems etc, Online Cyber Trafficking, Online Gambling, Ransomware, Deepfake crimes - Sextortion,
Synthetic Audio video etc, Cryptocurrency Crime, and Cyber Terrorism. A special mapping of cybercrime hotbeds
and emerging cybercrime zones has been done to monitor cybercriminals activity and initiate an action plan by law
enforcement agencies.
As we embark on this journey through data and insights, let us remain cognizant of our collective role in mitigating
the threats posed by cybercrime. By engaging with the information presented here, we contribute to a safer digital
ecosystem for India, one that fosters innovation while safeguarding against the perils that thrive in the virtual
realm.
01
ABOUT FUTURE CRIME RESEARCH FOUNDATION (FCRF)
The Future Crime Research Foundation (FCRF) is a nonprofit startup incubated at the Indian Institute of
Technology Kanpur (IIT Kanpur). Future Crime Research Foundation (FCRF) was acknowledged in the
“Cyber Security Awareness – Government/NGOs” category of the DSCI Excellence Awards 2021.
FCRF specializes in conducting research in the fields of Cybersecurity, Digital Crime, Fraud Risk
Management, Cyber Laws, and Cyber Forensics. It is duly registered under Section 8 of The Companies
Act, 2013, as well as Section 12A and 80G of The Income Tax Act, 1961.
The core objective at FCRF is to prepare India for the future by fostering greater digital awareness and
establishing a robust ecosystem for a cyber-secure India. FCRF is dedicated to the mission of conducting
in-depth research and providing valuable insights into emerging digital threats. FCRF aim to empower
Indian states, industries, educational institutions, and society at large through knowledge sharing,
capacity building, skill development, and public engagement in the digital realm.
FCRF is committed to tailoring digital solutions to cater to the unique needs of various segments of
society, ensuring that everyone can benefit from a safer and more secure digital environment.
02
CYBERCRIME TREND ANALYSIS
Unveiling The Digital Threat Landscape
In the ever-evolving digital landscape of India, where virtual interactions permeate every aspect of life, a lurking
menace has emerged in the form of cybercrime. Between January 2020 and June 2023, a meticulous analysis of
the cybercrime distribution reveals a fascinating yet unsettling narrative, unveiling the multifaceted dimensions
of this pervasive challenge.
Total 12.02
Total 77.41
Total 1.57
Ransomware 0.07
This subcategory involves individuals impersonating others online to deceive and cheat victims. Impersonators may
pretend to be a trusted person, such as a family member, friend, or professional, to gain financial or personal
advantages. The relatively high percentage in this subcategory suggests that impersonation remains a prevalent
tactic for cybercriminals to exploit victims' trust and manipulate them into fraudulent activities.
This subcategory includes various forms of online harassment, stalking, and unsolicited explicit content sharing
(sexting). It encompasses actions that cause emotional distress, fear, or discomfort to the victims. The significant
percentage here indicates that cyberbullying, stalking, and sexting are concerning issues in the digital realm. The rise
of these crimes may be attributed to the increased use of social media and online communication platforms.
Email phishing involves sending deceptive emails that appear to be from legitimate sources, aiming to trick recipients
into revealing sensitive information or performing actions that benefit the attacker. The relatively low percentage
could be due to improved awareness and security measures against phishing attacks, which has led to reduced
success rates for attackers.
04
Impersonating Email (0.03%):
Impersonating emails involve sending messages that appear to be from a legitimate source but are actually
fraudulent. Attackers may impersonate companies, government agencies, or other entities. The low percentage
could be indicative of the challenges cybercriminals face in crafting convincing impersonation emails, or it could
imply that other tactics are more effective.
This subcategory involves sending threatening or intimidating emails to coerce victims into specific actions or
behaviors. The very low percentage suggests that this tactic is not widely utilized, possibly due to its limited success
rate or increased awareness about such threats.
Online job fraud entails offering fake job opportunities to victims, often requiring upfront payments or personal
information for fraudulent purposes. The moderate percentage indicates that job-related fraud remains a concern,
potentially exploiting individuals' desperation for employment.
This subcategory involves fraudulent activities on online matrimonial platforms, where individuals may be deceived
into false relationships for financial or personal gains. The low percentage suggests that this form of cybercrime is
less common, possibly due to increased caution exercised by users on such platforms.
Profile hacking and identity theft involve unauthorized access to personal online accounts or stealing individuals'
personal information for malicious purposes. The relatively high percentage indicates that cybercriminals continue
to exploit vulnerabilities in online profiles, possibly due to weak passwords or insufficient security measures.
05
Online Financial Fraud
Total: 77.41%
Online financial fraud holds the major chuck of 77.41% of the total cybercrime ecosystem. Financial frauds
encompasses a range of cybercrimes aimed at exploiting individuals' financial information and assets
through various digital platforms. The data indicates a concerning trend in cybercriminal activity related to
financial fraud in India over the analyzed period. Below are its sub categories:
This involves attackers gaining unauthorized access to business email accounts to conduct fraudulent activities, such
as requesting unauthorized money transfers, altering invoices, or stealing sensitive information. While the
percentage is relatively low, it's worth noting that this form of attack can result in significant financial losses and data
breaches.
Debit and credit card fraud includes instances where criminals steal card information to make unauthorized
transactions. Sim swap fraud involves attackers manipulating telecom providers to transfer a victim's phone number
to a SIM card under their control, giving them access to sensitive authentication codes. The double-digit percentage
suggests that card-related fraud remains a significant threat.
This category involves fraudulent activities related to demat accounts, which hold securities electronically. Fraudsters
might manipulate these accounts to conduct unauthorized trades, siphoning off investments or making false
transactions. The relatively low percentage implies that this form of fraud is less prevalent compared to others.
E-wallets are popular digital payment platforms in India. Fraudsters might exploit security vulnerabilities or trick
users into revealing their account information to steal funds. The percentage indicates a moderate prevalence of this
type of fraud.
06
Fraud Call/Vishing (5.32%)
Fraudulent calls or "vishing" involve scammers impersonating legitimate individuals or organizations to manipulate
victims into revealing personal or financial information over the phone. The percentage suggests a significant
presence of this socially engineered attack.
Cybercriminals exploit weaknesses in online banking systems to conduct unauthorized transactions, access account
information, or carry out phishing attacks. The percentage reflects a notable threat to online banking security.
Unified Payments Interface (UPI) fraud involves attackers exploiting vulnerabilities in India's widely used real-time
payment system to conduct unauthorized transactions. The substantial percentage signifies UPI fraud as the most
prevalent form of online financial fraud during the analyzed period.
07
Hacking/Damage to Computer, Computer System, etc.
Total: 1.57%
This category primarily deals with crimes related to unauthorized access, tampering, and damage to
computer systems. The total value of 1.57 represents the number of reported incidents during the specified
time frame. Below are its sub categories:
This subcategory involves acts of intentionally causing harm to computer systems or physical damage to computing
devices. It's noteworthy that the low percentage suggests that this subcategory might not be as prevalent compared
to others. The relatively small number of cases might indicate that cybercriminals are more focused on exploiting
other vulnerabilities or gaining unauthorized access.
E-mail hacking involves unauthorized access to someone's email account, often to steal sensitive information, gain
control of the victim's online presence, or engage in phishing attacks. The higher percentage suggests that email
hacking is a relatively common cybercrime, possibly due to the widespread use of email for communication and the
potential for attackers to exploit email accounts for various malicious purposes.
Tampering with computer source documents indicates that cybercriminals are altering or modifying the source code
or documents related to computer systems. This activity could lead to vulnerabilities, data breaches, or even system
crashes. The low percentage suggests that this subcategory might not be as prevalent, but it's crucial to address as
even a small number of incidents could have significant consequences.
This subcategory involves unauthorized access to computer systems or databases, leading to potential data
breaches. It's alarming that this has one of the higher percentages, indicating that unauthorized access and data
breaches are significant concerns. The data breaches could lead to the exposure of sensitive information, financial
loss, and privacy violations.
Website defacement or hacking refers to altering the appearance or content of a website without permission. This
could be motivated by political, ideological, or malicious reasons. The relatively low percentage suggests that while
website defacement is an issue, it might not be as common as other forms of cybercrime.
08
Online Cyber Tra cking (0.13%)
Online cyber trafficking refers to illegal activities involving the
online trade of goods, services, or information. This category
includes activities like illegal arms trade, human trafficking, and
other illicit transactions. The low percentage (0.13%) suggests
that this category of cybercrime is relatively less common during
the given time frame. It could be an indication of law enforcement
efforts to combat these activities or the nature of these crimes
being more discreet.
Ransomware (0.07%)
Ransomware attacks involve infecting computer systems and
encrypting files, demanding a ransom from the victim to provide
the decryption key. The low percentage (0.07%) suggests that
ransomware attacks, while serious and damaging, are relatively
less common in the Indian cybercrime landscape. This could be
due to increased awareness among users, improved
cybersecurity measures, or effective incident response strategies.
09
Cyber Terrorism (0.16%)
Cyber terrorism involves the use of technology to carry out acts of
terror or cause disruption. This category's percentage (0.16%)
suggests that cyber terrorism incidents are relatively infrequent
in India, potentially due to effective cybersecurity measures, law
enforcement efforts, and vigilance against such threats.
10
TOP 10 CYBERCRIME EPICENTERS
This analysis focuses on the top 10 districts in India that are most prone to cybercrime, as identified in the
whitepaper. Understanding the key factors contributing to cybercrime in these districts is essential for
devising effective prevention and mitigation strategies.
The following districts are the top contributors to cybercrime in India, collectively accounting for 80% of
reported incidents:
01 Bharatpur 18%
02 Mathura (12%) 12%
03 Nuh (11%) 11%
04 Deoghar (10%) 10%
05 Jamtara (9.6%) 9.6%
The analysis of the top 10 cybercrime-prone districts in India reveals several common factors contributing
to their vulnerability. These include geographical proximity to major urban centers, limited cybersecurity
infrastructure, socioeconomic challenges, and low digital literacy. Addressing these factors through
targeted awareness campaigns, law enforcement resources, and educational initiatives is crucial to
reducing cybercrime rates in these districts and enhancing the overall cybersecurity landscape in India.
11
Bharatpur (18%)
Key Factors
High cybercrime rate in Bharatpur may be attributed to its proximity to major urban centers like Delhi and
Jaipur, making it a potential hub for cybercriminal activities.
Lack of awareness and digital literacy among the population may contribute to vulnerability.
Economic factors, such as limited employment opportunities, might drive individuals towards cybercrime as a
means of income.
Mathura (12%)
Key Factors
Mathura's significant cybercrime rate could be linked to its status as a prominent tourist destination and the
associated financial transactions, making it an attractive target for cybercriminals.
Limited cybersecurity infrastructure and awareness among businesses and individuals could exacerbate the
problem.
Nuh (11%)
Key Factors
Nuh's elevated cybercrime rate may be influenced by its proximity to the National Capital Region (NCR), which
attracts both cybercriminals and potential victims.
Socioeconomic challenges in the region may contribute to cybercrime as an illicit source of income.
Deoghar (10%)
Key Factors
Deoghar's cybercrime rate could be linked to insufficient law enforcement resources and a lack of specialized
cybercrime units.
Limited digital literacy and awareness among the local population may make them more susceptible to online
scams.
Jamtara (9.6%)
Key Factors
Jamtara is infamous as a hub for cybercriminal activities, particularly related to online fraud and phishing.
A culture of cybercrime may have developed in the area, with well-organized criminal networks operating
from there.
12
Gurgaon (8.1%)
Key Factors
Gurgaon's high cybercrime rate is likely influenced by its status as a major corporate and IT hub, making it an
attractive target for cybercriminals seeking valuable data or financial gains.
Despite its economic affluence, disparities in digital literacy and cybersecurity awareness may persist among
Gurgaon's diverse population.
Alwar (5.1%)
Key Factors
Alwar's moderate cybercrime rate could be attributed to its location between Delhi and Rajasthan, making it a
potential transit point for cybercriminals.
Limited cybersecurity infrastructure and awareness in smaller towns within the district may contribute to
vulnerability.
Bokaro (2.4%)
Key Factors
Bokaro's cybercrime rate might be associated with a lack of specialized cybercrime units and resources for law
enforcement agencies.
Economic challenges in the region may drive individuals towards cybercrime as an alternative source of
income.
Limited access to digital education and cybersecurity resources may leave the population susceptible to
online fraud.
Giridih (2.3%)
Key Factors
Giridih's cybercrime rate could be linked to its relatively remote location and limited law enforcement
presence, making it an attractive location for cybercriminal operations.
Lack of digital literacy and awareness may contribute to the vulnerability of the local population.
13
CYBER CRIMINALS HOTSPOTS & NATURE OF CRIMES
This provides an overview of the types of cybercrimes prevalent in specific regions, highlighting the need
for targeted strategies and awareness campaigns to combat these threats effectively.
14
EMERGING CYBER CRIME HOTSPOTS
While established cybercrime hubs continue to pose significant threats, the emergence of new hotspots
demands our attention and proactive measures. These emerging cybercrime hotspots represent regions
where various forms of digital criminal activity are on the rise, often catching both law enforcement
agencies and the public off guard.
Karnataka Bengaluru
15
State/Union Territory Emerging Cyber Crime Hotspots
Tripura Dhalai
The alarming surge in cybercrime incidents in recent years can be attributed to a complex interplay of
various factors:
Low Skills Required: Decreasing technical barriers to entry allow individuals with limited expertise to engage in
cybercriminal activities using readily available hacking tools and malware.
Poor KYC and Verification: Inadequate Know Your Customer (KYC) and verification processes on online
platforms enable criminals to create fake identities, making it challenging for law enforcement to trace them.
Availability of Fake Resources: Easy access to fake accounts and rented SIM cards on the black market allows
cybercriminals to operate anonymously, complicating efforts to track and prosecute them.
Affordable AI Tools: The affordability of AI-driven cyberattack tools empowers criminals to automate and scale
their attacks, increasing their efficiency.
Accessible VPNs: Virtual private networks (VPNs) provide anonymity for cybercriminals, making it difficult for
authorities to trace their online presence and location.
Recruitment and Training: Unemployed or underemployed individuals are recruited and trained by
cybercrime syndicates, creating a growing pool of potential criminals.
16
COMPREHENSIVE
MITIGATION STRATEGIES:
SAFEGUARDING
INDIA'S DIGITAL LANDSCAPE
17
Strengthening Cybersecurity Infrastructure
Implement robust cybersecurity protocols across critical infrastructure, financial institutions, and government
entities to prevent unauthorized access, data breaches, and hacking attempts.
Regularly update and patch systems, software, and applications to safeguard against known vulnerabilities that
cybercriminals exploit.
Employ multi-factor authentication and strong encryption mechanisms to enhance the security of sensitive data
and accounts.
Foster a culture of cyber hygiene through training programs, emphasizing password management, secure
browsing, and responsible online behaviour.
Educate users on the risks associated with online gambling, cyber trafficking, and other emerging forms of
digital exploitation.
Collaborative Approach
Promote public-private partnerships to share threat intelligence, best practices, and insights, enabling swift
responses to evolving cyber threats.
Establish forums for regular collaboration among cybersecurity professionals, law enforcement agencies,
businesses, and government bodies to devise effective countermeasures.
Establish ongoing training modules and workshops to keep law enforcement personnel up-to-date with evolving
cyber threats and trends.
Invest in building a cadre of digital forensics experts within law enforcement agencies to efficiently collect and
analyze digital evidence.
18
Regulatory Framework and Law Enforcement
Develop and enforce stringent regulations that hold organizations accountable for data breaches and
security lapses, incentivizing investments in cybersecurity.
Strengthen cybercrime laws and streamline legal processes to ensure swift and effective prosecution
of cybercriminals.
International Cooperation:
Collaborate with international organizations and law enforcement agencies to combat cross-border cybercrime
effectively.
Establish diplomatic initiatives to address cyber threats on a global scale, sharing insights and resources to
collectively counter cyber terrorism and transnational cybercrime.
Develop comprehensive incident response plans to ensure swift and coordinated actions in the event of a cyber
attack, minimizing potential damage and downtime.
Implement blockchain-based solutions for secure transactions, thereby mitigating the risks associated with
cryptocurrency-related crimes.
The rise and everchanging pattern of cybercrime in India underscores the critical importance of a multi-faceted
and collaborative approach to mitigation. By combining technical measures, user education, policy reforms,
and international cooperation, India can bolster its defences against cyber threats. As digital technology
continues to advance, an unwavering commitment to cybersecurity is imperative to ensure a safe and secure
digital future for all citizens.
19
CONCLUSION
In the ever-shifting landscape of cyberspace, where
innovation and vulnerability coexist, the analysis of
cybercrime trends spanning January 2020 to June 2023,
paints a vivid portrait of the challenges that lie ahead.
This whitepaper has journeyed through the intricacies of
cyber threats, offering insights that guide us toward a
safer and more secure digital future for India. As the
nation embraces technological advancements, it must
simultaneously strengthen its defences against the
rising tide of cybercrime.
20
MESSAGE FROM THE FOUNDERS
21
Note: Data Sources and Objectives
We would like to emphasize that this whitepaper is a product of meticulous research and
analysis conducted using a wide array of reputable and publicly available sources. Our approach
has been to draw upon data from various authoritative platforms, including government
websites such as the National Crime Records Bureau (NCRB), parliamentary statistics, well-
founded media reports, insights shared by cyber experts, crime monitoring organizations, and
esteemed think tanks. These credible sources have collectively provided the foundation for our
comprehensive examination of the cybercrime landscape in India.
The sole objective of integrating this diverse and reliable data is to illuminate the intricate
patterns and trends within cybercrime in the country. Our aim is to offer a holistic
understanding of the evolving threat landscape that India faces in the digital realm. By
synthesizing this information, we seek to contribute to the collective knowledge and awareness
necessary for informed decision-making, policy formulation, and the implementation of
effective cybersecurity measures.
It is important to note that the utilization of this data is driven solely by our commitment to
transparency, accuracy, and unbiased reporting. Our intention is to shed light on the
multifaceted dimensions of cybercrime while fostering a deeper comprehension of its impact on
Indian society. This whitepaper does not aim to sensationalize or exaggerate the issue but rather
to provide a factual representation of the challenges that need to be addressed in the realm of
cybersecurity.
We remain steadfast in our commitment to responsible and ethical data sourcing, analysis, and
presentation, with the overarching goal of contributing meaningfully to the ongoing dialogue
about cybercrime and its implications for India's digital future.
For any questions or further clarifications about our data sources, methodologies, or objectives,
please feel free to reach out.