26th

29 th February 2024
Feb 2024

*Reference links mentioned on last page of report Page 1 of 24

 National

S. No. News Source

1. Telangana man arrested for impersonating high-profile figures, BNN Breaking

soliciting money on social media

2. Addicted to gaming, in Hyderabad engineering student ends life Times of India

as loan app debts pile up

3. Cyber fraudsters in India, handlers in Hong Kong, Dubai Hindustan Times

4. The Cyberabad cybercrime police arrested three persons on Telangana Today

charges of cheating people on pretext of fake franchise of ITC
Company.

5. What is the ‘Digital Arrest’ Scam? Tips to safeguard yourself News Mobile
against cyber deception

6. People of Visakhapatnam lost a whopping 10 crore to cyber Times of India

frauds

7. Farmer in India tries to buy discounted cows online, loses Rs India Today
22,000 in new scam

8. 65 bank accounts found frozen after pan-India misuse in cyber Hindustan Times
fraud

9. Navi Mumbai Woman Loses Rs 1.92 Crore to Online Share BNN Breaking
Trading Scam

*Reference links mentioned on last page of report Page 2 of 24

 International

S. No. News Source

Analyzing the email security landscape and exploring Security Affairs
1.
emerging threats and trends.

Analyzing the email security landscape and exploring

2. VGC News
emerging threats and trends.

*Reference links mentioned on last page of report Page 3 of 24

 National
Telangana Man Arrested for Impersonating High-Profile
Figures, Soliciting Money on Social Media
The Cyber Cell of Hyderabad police
Hyderabad police arrest 22-year-old Jafru for
embarked on a meticulous investigation after
creating fake social media accounts posing as
receiving complaints about fake social media
prominent figures, shedding light on the
profiles. Jafru's strategy involved the creation
dangers of online impersonation. Explore the
of counterfeit accounts on various social
challenges of combating cybercrime and the
media platforms, including Facebook and
importance of vigilance in the digital age.
Instagram. By adopting the identities of well-
respected figures in society, he exploited the
In a significant crackdown on cybercrime,
trust and
Hyderabad
respect these
police have
names
apprehended
command.
22-year-old
The
Jafru for
investigation
creating fake
revealed that
social media
Jafru not only
accounts
sent
masquerading
inappropriate messages to individuals but
as IAS and IPS officers, MPs, MLAs, and
also solicited money under false pretenses,
doctors, engaging in fraudulent solicitation of
showcasing a disturbing abuse of digital
money. The arrest was prompted by a
platforms for personal gain.
complaint about impersonation of CV
Anand, IPS. The Cyber Cell's investigation
Jafru's arrest underscores the challenges law
led to the seizure of four mobile phones,
enforcement faces in the digital age. As
shedding light on Jafru's deceitful activities
technology becomes increasingly integrated
and the wider issue of online impersonation.
into daily life, its misuse for fraudulent
activities has become a pressing concern. The
The Art of Deception

*Reference links mentioned on last page of report Page 4 of 24

case highlights the ease with which
individuals can assume false identities
online, challenging the perception of security
in digital interactions. Law enforcement
agencies are thus compelled to adapt rapidly,
employing sophisticated techniques to trace
and apprehend cybercriminals who exploit
the anonymity afforded by the internet.
Implications and Future Outlook
This incident not only brings to light the
darker aspects of social media but also
emphasizes the need for heightened vigilance
among users. It serves as a stark reminder of
the potential dangers lurking online and the
importance of critically assessing
authenticity of digital personas.
cybercrimes become more sophisticated, the
Addicted to gaming, in Hyderabad engineering student
ends life as loan app debts pile up
Gaming addiction and pressure to clear
money borrowed for playing games allegedly
led a 20-year-old aeronautical engineering
student to take his life at his home in
Gudimalkapur on Monday.
His family also alleged that he was being
harassed by loan app agents. Police said they
did not find any suicide note and are yet to
confirm the loan app harassment claim.
*Reference links mentioned on last page of report
onus is on both individuals and platforms to
safeguard against such fraudulent activities.
The ongoing investigation into Jafru's case
may reveal further insights into the
mechanisms of online impersonation,
potentially aiding in the development of more
robust countermeasures against cyber fraud.
The arrest of Jafru by the Hyderabad police
marks a significant step in the fight against
cybercrime, shedding light on the intricate
web of deceit spun by individuals exploiting
digital platforms for illicit purposes. As
society continues to grapple with the
implications of our digital lives, this case
prompts a reflection on our collective
the
responsibility to foster a safer online
As
environment.
Selam Manoj was a third year student of
Institute of Aeronautical Engineering,
Dundigal, and his exams were going on,
Gudimalkapur police said. He had an exam
on Tuesday too. Cops said that he had taken
loans from various sources, including his
friends.
"Manoj had got addicted to playing online
games. Despite being warned by his family,
he continued to play by borrowing money.
Page 5 of 24
He appears to have lost a lot of money," SI
Rajender Singh told TOI.
The SI said that in November his father
Balakrishna had come to know about his
gaming loan from his friends and had cleared
3 lakh. On Monday, his father, a carpenter,
had gone for work in the morning and in the
afternoon his mother had gone to a function,
leaving Manoj alone. It was in the absence of
his family that he ended his life, cops said.
"When Manoj's brother returned home, he
found the door locked from inside. When he
looked inside from the window, he saw
Manoj's body. He called his father and they
broke the door to enter the house," Singh
said.
Cyber fraudsters in India, handlers in Hong Kong, Dubai
Seductive advertisements on social media
offering work-from-home opportunities and
big returns from stock market investments
are all-too-common cyber frauds
encountered by many. A recent investigation
by the Mumbai police cyber branch has
revealed that these, as well as other major
cybercrimes, are being operated from places
like Hong Kong and Dubai, and Indian
nationals involved in the frauds transfer the
money to their bosses in the foreign countries
via cryptocurrency.
*Reference links mentioned on last page of report
Though police claimed there was no
information on harassment by loan app
representatives, his father, while speaking to
media, said that Manoj had taken around
60,000 from loan apps and to clear it he had
started taking loans from outside.
"It was due to the torture of loan app
representatives he killed himself,"
Balakrishna said. SI Singh, however, said
that the family had informed them only about
loans taken from his friends and his addiction
to online games. "They did not tell us about
loan app harassment," he said.
According to cyber branch statistics, in
January 2024, 368 major cybercrime cases
were registered, of which only 38 cases were
solved. In 2023, 4,169 cybercrime cases were
registered in the city.
“The major cyber rackets operating
presently are share market investment scams,
part-time job cons, KYC update frauds,
sextortion frauds, credit card or bank account
update frauds, matrimonial frauds, gift frauds
and courier frauds,” said a police officer who
has been probing cyber fraudsters for the past
few years. “The other scams don’t yield that
Page 6 of 24
much money but in the share market and part-
time job frauds, the earnings usually run into
crores.”
A Matunga police cyber team headed by
DCP Prashant Kadam, Inspector Deepak
Chavan and API Digambar Pagar recently
arrested two persons identified as Ashish
Ghantala, 32, and Sanjay Patel, 43, both
residents of Surat in Gujarat who were
running a racket to lure people with high
returns on share market investments. On
interrogating them, the police arrested two
more persons—Kaval Malhotra, 45, and
Ayush Malhotra, 21, both residents of North
Delhi.
The case was registered based on a complaint
lodged by Radha Pillai, 46, a resident of
Matunga who was cheated of ₹49 lakh in the
name of stock market investment. “While
investigating Pillai’s complaint and tracing
the bank accounts involved in the
commission of the fraud, we traced the Surat
residents and found that they were the ones in
whose names the accounts were opened by
the fraudsters,” said a police officer
associated with the probe. “Once the money
reached Surat, it was withdrawn in cash from
ATMs immediately and then dispatched to
Delhi through hawala channels. From Delhi,
the money was transferred to Dubai and
*Reference links mentioned on last page of report
Hong Kong, where the masterminds behind
the rackets are based, via cryptocurrency.”
The police officer said that the accused had
used more than 50 bank accounts in the last
three months. When they checked the
accounts, they found that around ₹25 crore
had moved through them in just two months,
and therefore suspected that the money was
transferred to foreign countries. “This was
the volume of money accumulated by one
gang in barely two months,” said the officer.
“There are several such gangs operating from
foreign destinations so you can imagine the
money earned.” Deepak Chavan, senior
inspector at Matunga police station, said that
the police managed to freeze ₹20 lakh found
in one of the bank accounts.
“The government needs to understand that
the money going to foreign countries like this
is a national loss, apart from the individual
losses,” said cybercrime investigator and
expert Ritesh Bhatia. “We have seen that
various illegal applications used by cyber
fraudsters have Chinese codes, and it is clear
that the racket in question was being operated
from Hong Kong. Apart from concentrating
on awareness, the government also needs to
take stringent steps to stop this digital
pandemic through which we are losing crores
of rupees to foreign countries.”
Page 7 of 24
The police said that in stock market frauds,
the victims were mostly lured through
advertisements on social media. “After the
unsuspecting victims contact the telephone
number given in the advertisement, their
mobile number is added to a WhatsApp or
Telegram group,” said the officer. “They are
then asked to download some applications
and once they do that, the accused can
monitor all the activity on their mobile
phones.”
The officer added that after tracking the
activities on the victims’ mobile phones, the
frauds would lure them to invest in certain
shares. “The victims generally start with
small sums and soon earn unbelievably high
returns,” he said. “The returns are reflected in
the virtual accounts visible in the applications
and in most cases, the victims are even
allowed to withdraw the amounts, prompting
them to invest even higher sums.”
However, after investing sizable amounts,
when the victims try to withdraw amounts
from their virtual accounts, they cannot. They
are then given various excuses, right from
technical glitches to the accounts being
frozen by authorities and so on. The victims
are then asked to pay more money as charges
for getting the accounts restored.
*Reference links mentioned on last page of report
In part-time job scams, victims are usually
lured by advertisements on social media.
They are initially given simple tasks like
‘liking’ videos and are paid a few hundred
rupees for this. Later, they are asked to
participate in “paid tasks” where they deposit
some money and get paid double or more
after completing the tasks. “For the first few
tasks, the scamsters pay them,” said the
police officer. “However, once the
complainant invests sizable amounts, the
defrauding begins.”
Cyber fraudsters operate through bank
accounts opened by dubious means, and there
are several gangs whose sole work is to get
these accounts opened using either bogus or
fraudulently obtained documents. “These
gangs operate from Mumbai, Navi Mumbai,
Surat, Ahmedabad, Gandhinagar, Kerala and
Vijay Nagar (Rajasthan),” said the police
officer. “Earlier, the accounts were required
by businesses for committing GST frauds and
operating hawala channels; now such
accounts are opened and provided only to
cyber frauds.”
The bank-account gangs have several tricks
up their sleeve. Sometimes, they take
commercial premises on rent for a month or
two and use the rent agreements to open
several current bank accounts. “They also
Page 8 of 24
pay ₹10,000 to ₹20,000 to unsuspecting
people to provide their identity documents
for opening bank accounts,” said the police
officer. “The accounts are then used by the
scamsters for a commission ranging from
five per cent to 10% of the money deposited.”
The police usually track down the bank
account-holders and in some cases the
middleman and hawala or crypto agents, but
the trail goes cold here. “We cannot reach the
masterminds in foreign destinations to whom
money is sent through virtual currency,” said
the officer.
Conning the conner
The police, in their investigations, have
found that the foreign handlers are majorly
dependent on Indians to get their money via
crypto currency. They pay commissions at
various levels: to the men who provide them
with bank accounts, to hawala operators who
transfer the cash within the country, and to
crypto operators who finally transfer the
money to foreign destinations.
“Earlier the foreign handlers used to acquire
bank accounts from Deeg in Rajasthan,” said
*Reference links mentioned on last page of report
the police officer. “However, now these are
being acquired from either Mumbai, Kerala
or Surat. The reason is that the Rajasthan-
based gangs, once they had huge sums of
money deposited in the bank accounts, would
simply refuse to transfer them further,
knowing full well that the scamsters sitting in
Hong Kong or Dubai would not be able to act
against them in any manner.”
The government has already put out a
cybercrime helpline number, 1930, apart
from the cybercrime portal where people can
lodge complaints about cyber frauds. The
fraudulent bank accounts can be frozen if the
victims report the incidents with the golden
hours. “However, in the case of stock market
frauds and part-time job frauds, this is not
possible, as by the time the complainants
learn that they have been cheated, the money
has been transferred to Dubai or Hong
Kong,” said the police officer.
The police said that apart from awareness, the
government needed to do much more, with
the help of agencies like banks, mobile
companies and foreign agencies, to stop
cyber frauds.
Page 9 of 24
The Cyberabad cybercrime police arrested three
persons on charges of cheating people on pretext of fake
franchise of ITC Company.
The Cyberabad cybercrime police arrested
three persons on charges of cheating people
on pretext of fake franchise of ITC Company.
Following a complaint from a city-based
businessman, the police took up investigation
and identified that the franchise fraud was
being operated from Patna in Bihar.
Subsequently Cybercrime arrested the main
organiser Dheeraj Kumar and his associates
Ankit Kumar and Gaurav Kumar. According
to the police, the suspects created a fake
website of the company and posted it on
social media attracting people.
What Is The ‘Digital Arrest’ Scam? Tips To Safeguard
Yourself Against Cyber Deception
As technology advances, cybercriminals are
finding new ways to exploit vulnerabilities.
A new wave of cybercrime, known as ”
Digital Arrest” fraud, has surged into the
spotlight, leaving victims vulnerable to
scams orchestrated by impersonators posing
as law enforcement officials.
These perpetrators, posing as local police or
customs agents, instil fear in unsuspecting
individuals by falsely accusing them of
*Reference links mentioned on last page of report
“Whenever a person looking to venture into
franchise business searches on Google, this
website will be thrown up first on ads. When
the person visits the website, he is asked to
fill some details via registration form.
Gathering these details, the tele-callers
connect with the victims as employees of ITC
and convince them to take the franchise,”
said an investigation official.
In the process the victims pay registration fee
and processing fee to the tune of lakhs of
rupees and end up being cheated, the official
added.
various legal infractions, leading them to
believe they are on the verge of facing digital
arrest. Exploiting the panic and confusion of
their targets, the scammers employ coercive
tactics, pushing victims into hastily
attempting to settle supposed lawsuits to
evade fictitious legal consequences.
The modus operandi of these cybercriminals
involves leveraging digital communication
channels, such as video messages or calls, to
Page 10 of 24
intensify the sense of urgency and Verifying information independently serves
intimidation. Exploiting existing loopholes in as another crucial safeguard against potential
the digital landscape, these fraudsters employ fraud or manipulation. Seeking confirmation
deceptive tactics to coerce individuals into from local law enforcement agencies or legal
paying money under the threat of digital authorities through established channels
arrest. helps validate the legitimacy of any claims
made. Genuine law enforcement interactions
One such case was seen in Faridabad where a
adhere to official protocols, underscoring the
23-year-old resident lost Rs 2.5 lakh to
importance of independent verification to
hackers posing as customs agents in a recent
safeguard against deceptive practices.
“digital arrest” fraud case. The victim was
deceived into believing she was involved in a Furthermore, individuals should exercise
passport trafficking case and faced “digital caution and employ discretion when
arrest” unless she paid Rs 15 lakh. communicating with purported law
Succumbing to pressure, she paid Rs 2.5 lakh enforcement representatives. Legitimate
and was advised not to log out of Skype agencies primarily engage through official
during the encounter. channels, emphasizing the need for proactive
verification measures.
Things To Keep In Mind To Avoid Such
Scams: In instances of doubt or suspicion,
individuals are encouraged to independently
One critical step involves verifying the
contact the relevant agency using publicly
identity of the individual asserting to be from
available contact information, ensuring
the law enforcement by requesting official
transparency and accountability in all
credentials and contact details. Maintaining
interactions.
composure and questioning the authenticity
of the situation can provide clarity in Safeguarding against cyber threats has
uncertain circumstances. Authentic legal become paramount. Implementing robust
matters typically follow formal procedures cyber hygiene practices serves as the
rather than resorting to immediate threats, frontline defense against potential breaches.
prompting individuals to remain vigilant and Regularly updating passwords and software,
discerning. coupled with enabling two-factor
authentication, are crucial steps to mitigate

*Reference links mentioned on last page of report Page 11 of 24

the risk of unauthorized access to personal Monitoring online services for any signs of
accounts and sensitive data. unauthorized or unlawful activities is
imperative. Setting up alerts for changes to
Refraining from clicking on suspicious links
account settings or login attempts facilitates
or downloading attachments from unknown
early detection of cybercrime, enabling
sources is essential. Verifying the legitimacy
prompt action to mitigate potential damage.
of emails and messages before divulging any
personal information adds an extra layer of Additionally, employing secure
security. communication channels, such as encryption
methods, is essential for safeguarding
Ensuring the security of devices is another
sensitive information from interception by
critical aspect of digital protection. Installing
malicious actors. Caution should be
reputable antivirus and anti-malware
exercised when sharing passwords and other
solutions and keeping operating systems and
confidential details, especially in public
applications up to date with the latest security
forums where the risk of interception is
protocols are vital practices. By maintaining
higher.
secure devices, individuals can significantly
reduce their susceptibility to cyber attacks.

People of Visakhapatnam lost a whopping 10 crore to

cyber frauds
People of Visakhapatnam lost a whopping 10 reported in city, accounting to a loss of
crore to cyber frauds in just two months around 10 crore.
which on average is over 15 lakh per day. The
Of this, a small amount was recovered by the
city reported more than 40 major cybercrime
enforcement officials.
incidents in the past two months. Police have
issued an advisory about a new type of scam
Cybercrooks generally dupe netizens of their
dubbed ‘online trading scam’ which has
money in the guise of scheme, task games,
emerged this year.
investment offers, etc. A 50-year-old man
from the city lost 64 lakh in an investment
Between January 1 and February 26, 2024,
fraud, where he was lured by fraudsters with
more than 50 complaints of cybercrimes were
a promises of high return on his investment.

*Reference links mentioned on last page of report Page 12 of 24

In another case, a group of people lost over
83.26 crore in a trading fraud, where they
were lured by high investment returns
through online apps.
More than 410 cybercrime cases were
reported in Visakhapatnam in 2023 in which,
fraudsters stole over 31.7 crore from people.
with them and persuade them to invest by
offering them free stocks trading tips. After a
week or ten days, the victims are asked to
install trading applications provided by the
fraudsters for further guidance in trading
stocks and earning high profits,” said K
Bhavani Prasad, inspector of cybercrimes
police station in the city.

In 2022, people in city lost about 16 crore in

“The victims install applications which are
610 cybercrime cases. Apart from the online
not registered under SEBI. They register and
part time jobs, most complaints pertained to
start stock trading based on the suggestions
downloading mirror apps. Scammers have
of the fraudsters. They deposit the amount
been innovating different ideas to steal
sought to buy the shares into bank accounts
money from their victims as with
mentioned by the fraudsters. Fake profits are
digitalisation many people prefer online
displayed in their digital wallet and later, they
transactions for daily payments.
fail to withdraw the deposited money and
lose the amount,” he added.
“Trading frauds have been increasing in the
city for the past few weeks. In this scam,
Police advised public to be aware of
netizens receive some advertisements about
investment scams and asked them to avoid
free trading tips classes on social media
suspicious links, social media calls and
platforms. On clicking on the link, they get
trading-related messages from unknown
redirected to some unknown social media
people
group where the scammers communicate
.

Farmer in India tries to buy discounted cows online,

loses Rs 22,000 in new scam
India is progressing in the digital world.
From gadgets to groceries, everything is
available to buy online and at competitive
prices. However, not everything we see
online is legitimate. This growing digital
space is also harbouring scammers who are
looking to prey on unsuspecting individuals,
and dupe them of money. Just like how in a

*Reference links mentioned on last page of report Page 13 of 24

recent case a dairy farmer from Gurugram Sukhbir continued to make payments, the
ended up losing money while buying cows scammers demanded additional funds,
online. raising red flags. Later, when the scammers
asked for more money, Sukhbir realised that
The case was recently highlighted in a report
the offer was fraudulent, and no actual cows
by the Indian Express, where a 50-year-old
were available for purchase. Later, he filed a
dairy farmer named Sukhbir, residing in
complaint under Indian Penal Code sections
Gurgaon's Pandala, unfortunately fell victim
419 and 420 for cheating against unknown
to an elaborate online scam. His son, Parveen
persons.
(30), described the incident where his father
lost money while attempting to buy cows While online scams have been raising
online at a heavy discount compared to concerns about digital security, this case in
offline rates. Parveen revealed that his father particular highlights how far scammers are
was using his phone and watching YouTube willing to go to deceive people.
videos when he stumbled upon a website on
Here are a few essential tips to stay safe
Google offering cows at a significantly lower
from such scams:
price of Rs 95,000, compared to the usual
offline price of around Rs 1 lakh. Though
 Verify sellers: Always verify the
unsure how his father got the link to the
credentials and authenticity of
website, whether through an ad or a number,
sellers, especially when dealing with
when his father tried to inquire about the
online transactions. Look for
deal, the scammers started sending him
reviews, ratings, and testimonials
photos of cows on WhatsApp and initially
from previous customers.
quoted a price of Rs 35,000. When Sukhbir
 Avoid unrealistic offers: Be cautious
expressed interest in buying four cows, the
of deals that seem too good to be
price was reduced to Rs 95,000, with the false
true. Unrealistically low prices may
promise that the cows would be registered
indicate a scam.
under a gaushala.
 Use secure payment methods:
Choose secure payment methods that
Believing it to be a legitimate deal, Praveen's
offer buyer protection, such as credit
father made transactions totaling Rs 22,999
cards or trusted online payment
between January 19 and 20. However, as
platforms. Avoid making payments

*Reference links mentioned on last page of report Page 14 of 24

 through unconventional or
untraceable channels.
 Confirm details and locations: Before
making any payments or
commitments, verify details such as
65 bank accounts found frozen after pan-India misuse in
cyber fraud
Sixty-five bank accounts allegedly opened by
two deputy managers and an assistant
manager of a private bank’s MG Road branch
were frozen on directions of various law
enforcement agencies for their misuse in
cyber frauds pan India, police said on
Wednesday.
Police said the number of accounts with a
freeze on them would climb much beyond 65
once details of more accounts used in
cybercrimes emerged as part of the
investigation. (Representational Image)
The facts emerged on Wednesday when
police received responses to several queries
made to the bank after the arrest of three of
its executives for their alleged connivance
with a large Nuh-based cyber fraud gang,
said deputy commissioner of police
(cybercrime) Siddhant Jain.
Jain said that the number of accounts with a
freeze on them would climb much beyond 65
*Reference links mentioned on last page of report
the seller's identity, location of the
goods, and terms of the transaction.
Be wary of sellers who are reluctant
to provide clear information.
once details of more accounts used in
cybercrimes emerged as part of the
investigation.
Assistant manager Mohit Rathi was arrested
from Bilaspur on February 21, deputy
managers Mahesh Kumar from Kalwadi on
February 22 and Vishwakarma Maurya from
Manesar along with cybercriminal
Mohammad Hayat from Mewat on Monday
during the investigation of a cyber fraud case
of ₹10000 involving a retired Border Security
Force (BSF) personnel which was registered
at the Cybercrime police station (Manesar)
on February 17.
Jain said that the account at MG road branch
in which the amount of ₹10000 was
transferred was opened in the name of
Mohammad Mustafa, an employee of a
warehouse in Bilaspur who didn’t have an
inkling that such an account exists in his
name.
Page 15 of 24
“The bank executives had linked a mobile
phone number provided by Hayat with the
account issued in the name of one Ravi
Kumar of Sambhal, Uttar Pradesh,” DCP Jain
said. He said that police suspected that either
the SIM card was issued based on forged
documents or Ravi’s documents were
misused to get the connection.
“A team will head to Sambhal for physical
verification of the address and the person.
Some SIM card retailers are also under our
scanner. At least, 20 SIM cards were found to
be used for opening fraudulent accounts by
the three executives whose addresses will be
verified,” he said.
Investigators said that when questioned,
Maurya denied opening any forged account
but several of the 65 frozen accounts were
activated using his internal banking login ID.
Investigators said at least 2000 bank accounts
were opened by Kumar, Maurya and Rathi in
the last seven months and investigation was
on with the bank’s help to ascertain exactly
how many of them were fake and internet
banking details and debit cards of how many
people were supplied to the gang in Nuh via
Hayat. For every account kit supplied to the
gang, the executives received ₹15000 cash,
sent to them via Hayat.

Navi Mumbai Woman Loses Rs 1.92 Crore to Online

Share Trading Scam
A 48-year-old woman from Navi Mumbai, The Rise of Online Financial Scams
Maharashtra, became the latest victim of an
In recent times, online financial scams have
online share trading scam, losing a whopping
seen a significant uptick, with cybercriminals
Rs 1.92 crore to cyber fraudsters. Enticed by
employing sophisticated techniques to
promises of lucrative returns, she deposited
defraud unsuspecting investors. This case in
money into various bank accounts over two
Navi Mumbai underscores the vulnerabilities
months, only to find herself ignored when she
individuals face when engaging in online
attempted to recover her investments. The
share trading. Investigations reveal that the
local cyber police have registered a case
fraudsters promised high returns, coaxing the
against four individuals under the Indian
victim to transfer funds into specific bank
Penal Code and the Information Technology
accounts. The scam highlights the critical
Act, marking another cautionary tale in the
need for increased vigilance and awareness
realm of online financial transactions.

*Reference links mentioned on last page of report Page 16 of 24

among digital investors, especially in light of education and awareness. Potential investors
recent findings by the Mumbai police cyber are urged to exercise due diligence before
branch, which uncovered a network of cyber making any online transactions, verifying the
scams with links to foreign countries. credibility of the platforms and individuals
involved. Resources and guidelines provided
Authorities Respond to Growing Cyber
by cybersecurity experts offer valuable
Threats
insights into avoiding common pitfalls and
recognizing early warning signs of fraud.
In response to the escalating threat of online
Moreover, individuals are encouraged to
scams, law enforcement agencies have
report any suspicious activities to the
intensified their efforts to combat
authorities, contributing to a safer online
cybercrime. The registration of the case in
environment for all.
Navi Mumbai is part of a broader crackdown
on internet-based financial fraud. Authorities
The incident in Navi Mumbai serves as a
are leveraging advanced technology and
stark reminder of the risks associated with
international cooperation to track down
online financial transactions. As
perpetrators, many of whom operate from
cybercriminals become increasingly
overseas. The case also spotlights the
sophisticated, the collective efforts of law
importance of prompt and decisive action in
enforcement, cybersecurity experts, and the
reporting suspicious activities to prevent
public are crucial in safeguarding against
further losses.
such threats. While the pursuit of the
perpetrators continues, this case reiterates the
Preventive Measures and Public
importance of caution, awareness, and
Awareness
education in the digital age.
To counter the menace of online scams,
experts stress the importance of public

*Reference links mentioned on last page of report Page 17 of 24

 International
Analyzing the Email Security Landscape and exploring
Emerging Threats and Trends.
In the ever-shifting digital arena, staying its efficacy by securing over 41.9 million links
ahead of evolving threat trends is paramount clicked by users.
for organizations aiming to safeguard their
Detection Breakdown
assets. Amidst this dynamic landscape, email
stands as a primary battleground for cyber
 There was a near-even split in
defense. VIPRE Security Group’s latest
detection methods, with 52% caught
report, “Email Security in 2024: An Expert
due to content and 48% via malicious
Insight into Email Threats,” delves into the
links.
cutting-edge tactics and technologies
 Many of the detections were due to
embraced by cybercriminals this year.
malicious attachments and previously
unseen threats, showcasing the
Drawing from an analysis of nearly a billion
importance of using innovative
malicious emails, the report sheds light on
security measures
advanced threats, empowering organizations
to grasp the intricacies of email-based attacks.
YARA Rules Impact
Below, we unveil some of the key revelations
unearthed in this comprehensive study YARA rules were pivotal in detecting millions
of malicious attempts spotlighting statistical
Key Findings from the “Email Security in
patterns and malware family indicators. The
2024” Report
adaptability of these rules contributed to a
marked increase in malware detection,
In an exhaustive review, VIPRE processed 7.2
particularly in the fourth quarter, emphasizing
billion emails globally, identifying
the necessity of continuous evolution in email
approximately 950.39 million as malicious.
security tactics.
The VIPRE Email Security Link Isolation
Emerging Threats and Trends
feature, akin to URL sandboxing, showcased

*Reference links mentioned on last page of report Page 18 of 24

The landscape of email threats continues to
evolve, with VIPRE’s report shedding light on
several alarming trends:
 Deepfake and AI Exploitation:
Attackers increasingly leverage
deepfake technology and AI to craft
more convincing phishing emails,
significantly raising the stakes for
email security.
 Rise of Quishing: A notable surge in
phishing attacks utilizing QR codes, or
“quishing,” poses new challenges,
with attackers exploiting this method
for its novelty and user trust.
 Targeted Sector Vulnerabilities:
Financial Services, IT, Healthcare,
Education, and Government sectors
have emerged as primary targets, with
attackers fine-tuning their strategies to
exploit specific vulnerabilities within
these industries.
 Mobile Threats: The expansion of
mobile threats highlights the growing
need for security awareness among
mobile users, particularly as attackers
develop more sophisticated methods to
compromise personal and corporate
data.
Phishing: The Persistent Threat
*Reference links mentioned on last page of report
Phishing remains a dominant tactic in the
cybercriminal arsenal, with the email report
providing crucial insights:
Techniques Evolve: The majority of phishing
attempts (71%) rely on deceptive links, but
attachments (22%) and predatory QR codes
(7%) are rising phishing tactics to watch out
for.
Who’s Being Spoofed?: Microsoft tops the list
of spoofed entities, highlighting the
importance of vigilance against seemingly
reputable sources.
Link and Attachment Tactics
 A shift in phishing methodologies is
observed, with a decline in link-based
phishing but a slight increase in
attachment-based tactics.
 HTML and PDF attachments emerge
as common vectors, underscoring the
need for enhanced scrutiny of email
attachments.
These insights emphasize the critical
importance of remaining alert and adopting
comprehensive security measures to mitigate
the risks posed by the evolving landscape of
phishing threats.
Spotlight on Specific Threats
Page 19 of 24
The Email Security in 2024 report illuminates The malware landscape has shifted, with
several specific threats that have been families like AsyncRAT, Qbot, RedLine, and
particularly prominent or are on the rise: AgentTesla taking the lead in various quarters.
These malware types, particularly targeting
Google Group Fake Order Scams
Windows systems, highlight the need for
vigilance against attachments and links that
Cybercriminals are exploiting Google Groups
may harbor such threats.
to distribute fake order confirmations, tricking
recipients into providing personal information
These highlighted threats underscore the
under the guise of canceling a non-existent
adaptability of attackers and the critical need
order. This scam cleverly manipulates trust
for advanced, proactive security measures to
and the routine nature of order confirmations
protect against these sophisticated tactics.
to breach personal security.
Predictions for 2024
Seasonal Scam Emails
Looking to the horizon of 2024, the Email
The report highlights an uptick in scam emails
Security in 2024 Report outlines several key
tied to holidays, leveraging the seasonal hustle
predictions that underscore the evolving
to bait users into phishing traps. These scams
nature of email threats:
often use newly registered domains to evade
detection, exploiting users’ lowered guard  Quishing’s Continued Rise: The
during festive periods. proliferation of QR codes in phishing
(quishing) is expected to escalate,
.EML File Attachments
taking advantage of the QR code’s
growing popularity and inherent trust
A significant rise in the use of .eml file
among users.
attachments for phishing attacks has been
 AI’s Double-Edged Sword: The
noted. These attachments, which can easily
advancement in AI technologies will
bypass traditional security measures due to
be a boon for cybercriminals,
their rarity in business communication,
enhancing the sophistication of
contain malicious content that, when opened,
attacks. Expect AI to be used in
can compromise the recipient’s security.
creating highly convincing spam
Malware Distribution Trends emails, including deepfakes and

*Reference links mentioned on last page of report Page 20 of 24

 personalized phishing attempts,
making it increasingly difficult to
distinguish between legitimate and
malicious communications.
 The Growing Threat of Identity Theft:
As attackers become more adept at
infiltrating inboxes, AI and machine
learning to mimic communication
styles pose a significant risk for
identity theft and sensitive data
exfiltration.
Analyzing the Email Security Landscape and exploring
Emerging Threats and Trends.
As reported by Cyber Daily, the gang, which
goes by the name Mogilevich, posted a
message on its darknet leak site giving more
information on its claimed leak of the Fortnite
and Epic Games Store company.
“We have quietly carried out an attack to Epic
Games’ servers,” the message reads.
It also claims to have compromised “email,
passwords, full name, payment information,
source code and many other data”, amounting
to a total size of 189GB.
“Data is also for sale”, it says, adding a link
for “an employee of the company or someone
who would like to buy the data”.
*Reference links mentioned on last page of report
 Escalation in Cyber Warfare: State-
sponsored attacks are anticipated to
intensify, with email being a critical
vector for targeting critical
infrastructure and spreading
misinformation.
 Diversification in Malware Delivery:
A broader array of file types, including
.eml, .pdf, and .ppt, will be exploited
to disseminate phishing and malware,
challenging traditional security
defences
The gang has given a deadline of March 4 for
someone to buy the data, but has not given a
specific figure, nor has it indicated what it will
do with the data if the deadline passes
According to Cyber Daily, Mogilevich is a
relatively new ransomware group, and Epic
Games is its fourth target. The first was Nissan
subsidiary Infiniti USA, which it hacked last
week.
At the time of writing, the group has not
released any actual proof that it has
successfully hacked Epic Games.
When the Rhysida group hacked Insomniac
Games in late 2023, it followed up its claim by
publishing a small amount of data online as
Page 21 of 24
proof, including an annotated screenshot from followed through with its threat, reportedly
Insomniac’s upcoming Wolverine game. releasing around 98% of the stolen data.

The group threatened to publish the stolen data Insomniac then released a statement calling the
within seven days, but first offered it for experience “extremely distressing” and saying
auction with a starting price of 50 Bitcoins it would “continue working quickly to
(approximately $2 million). One week later, it determine what data was impacted”.

*Reference links mentioned on last page of report Page 22 of 24

News / Feeds References
National

1. https://bnnbreaking.com/world/india/telangana-man-arrested-for-impersonating-high-
profile-figures-soliciting-money-on-social-media
2. https://timesofindia.indiatimes.com/city/hyderabad/aeronautical-engineering-student-
ends-life-due-to-gaming-addiction-and-loan-app-debts/articleshow/108059256.cms
3. https://www.hindustantimes.com/cities/mumbai-news/cyber-fraudsters-in-india-handlers-
in-hong-kong-dubai-101709148141103.html
4. https://telanganatoday.com/hyderabad-three-held-for-cybercrime
5. https://www.newsmobile.in/2024/02/26/what-is-the-digital-arrest-scam-tips-to-safeguard-
yourself-against-cyber-deception/
6. https://timesofindia.indiatimes.com/city/visakhapatnam/visakhapatnam-loses-10-crore-to-
cyber-frauds-in-2-months/articleshow/108058819.cms
7. https://www.indiatoday.in/technology/news/story/farmer-in-india-tries-to-buy-
discounted-cows-online-loses-rs-22000-in-new-scam-2508160-2024-02-28
8. https://www.hindustantimes.com/cities/gurugram-news/65-bank-accounts-found-frozen-
after-pan-india-misuse-in-cyber-fraud-101709144714821.html
9. https://bnnbreaking.com/world/india/navi-mumbai-woman-loses-rs-192-crore-to-online-
share-trading-scam-police-probe-underway

International
1. https://securityaffairs.com/159710/hacking/unmasking-2024s-email-security-
landscape.html
2. https://www.videogameschronicle.com/news/a-ransomware-gang-claims-to-have-hacked-
nearly-200gb-of-epic-games-internal-data/

*Reference links mentioned on last page of report Page 23 of 24

*Reference links mentioned on last page of report Page 24 of 24