Victim of Online Fraud via Malicious App? Legal Recourse in India

by

Advocate Rohit
in
Victim of Online Fraud via Malicious App? Legal Recourse in India

In the city of Janakpuri, Mr. Alok Sharma, a retired government employee, found himself in a state of panic. He had received an email regarding a courier delivery he was anticipating from a company called ‘Swift Couriers’. The email provided a contact number for tracking the consignment. Mr. Sharma called the number, and the person on the other end, posing as a courier executive, instructed him to download a special tracking application via an .apk file to finalize the delivery details.

Trusting the process, Mr. Sharma installed the application. The executive then asked him to make a nominal payment of Rs. 5 through the app’s payment gateway to schedule the delivery for the next day. Mr. Sharma attempted the payment using his Unified Payments Interface (UPI) app linked to his accounts at Suraksha Bank and Central Bank of Bharat. Moments later, he was shocked to receive notifications for two unauthorized transactions from his accounts, one for Rs. 4,900 and another for Rs. 1,500.

Realizing he had been duped by a fraudulent app, he immediately blocked the caller’s number and uninstalled the application. However, the malicious .apk file remained on his phone, and the system wouldn’t allow him to delete it. He spent the next hour frantically trying to contact his banks. While Central Bank of Bharat registered a preliminary complaint, it was the customer support at Suraksha Bank that provided clearer guidance on reporting the incident on the national cyber crime portal.

The family was distressed, unsure of the next steps and whether the lost money could be recovered. This scenario is increasingly common, where fraudsters exploit a person’s lack of technical knowledge to gain remote access to their devices and siphon money from their bank accounts.

Advice in such cases

  • Immediately contact your bank(s) via their official helpline numbers and request them to freeze your account or block the debit card and UPI facilities to prevent further financial loss.
  • Report the incident immediately on the National Cyber Crime Reporting Portal (www.cybercrime.gov.in) or by calling the helpline number 1930. The “Golden Hour” is crucial; reporting within the first few hours increases the chances of blocking the transfer and potentially recovering the funds.
  • Preserve all evidence related to the fraud. This includes the fraudulent email, the phone number of the fraudster, screenshots of the malicious app, transaction details (SMS and email alerts), and your bank statements. Do not delete anything.
  • File a formal written complaint at your nearest police station, which they are obligated to register as a First Information Report (FIR). Provide them with all the evidence you have collected.
  • Consult with Lawyer: The very basic and important step to start is talk to Lawyer / advocate. You should not hesitate in paying his consultation fee i.e. might be in range of Rs. 10,000 to 50,000 depends case to case. He is helping you in this situation of come out. He is expert in the domain and can help you explain the procedure which you might have never explored. A good lawyer can get the issues resolved much faster than you think.

Applicable Sections of Law

Such fraudulent activities attract provisions under various Indian laws. The investigation will likely involve the following sections:

  • Bharatiya Nyaya Sanhita, 2023 (BNS): Section 318 of the BNS, which deals with cheating and dishonestly inducing delivery of property, is directly applicable. If the act involves impersonation, other relevant sections may also apply.
  • The Information Technology Act, 2000: This is the primary legislation for cybercrimes. Relevant sections include:
  • Section 66: Computer related offences, for dishonestly or fraudulently committing any of the acts referred to in section 43.
  • Section 66C: Punishment for identity theft.
  • Section 66D: Punishment for cheating by personation by using computer resource.

If you are the complainant

  • Be proactive in filing the complaint. Do not delay reporting the crime to the police and on the cybercrime portal.
  • Provide a detailed, chronological account of the events in your written complaint. Mention every detail, from how you were contacted to the amounts debited.
  • Submit copies of all evidence to the investigating officer and obtain a receiving copy of your complaint and the FIR.
  • Regularly follow up with the police on the status of the investigation. Your persistence is key to ensuring the case moves forward.
  • Cooperate fully with the investigation and provide any additional information or documents requested by the authorities.
Victim of Online Fraud via Malicious App? Legal Recourse in India

If you are the victim

  • The first step is damage control. Secure your bank accounts and cards immediately.
  • Change all your important passwords, especially for banking and email accounts, as the malicious app might have captured your credentials.
  • Perform a factory reset of your mobile phone to completely remove the malicious .apk file and any associated malware. Ensure you back up your important data (contacts, photos) before doing so.
  • Be cautious of any follow-up calls or messages. Fraudsters sometimes contact the victim again, posing as officials who can help recover the money, in an attempt to defraud them further.
  • Consult with Lawyer: The very basic and important step to start is talk to Lawyer / advocate. You should not hesitate in paying his consultation fee i.e. might be in range of Rs. 10,000 to 50,000 depends case to case. He is helping you in this situation of come out. He is expert in the domain and can help you explain the procedure which you might have never explored. A good lawyer can get the issues resolved much faster than you think.

How the police behave in such cases

The response from the police can vary. While some police stations, especially those with dedicated cyber cells, are equipped to handle such cases efficiently, others may lack the technical expertise. Initially, they might seem hesitant to file an FIR and may direct you to the cybercrime portal. However, it is your right to have an FIR registered. Be polite but firm. The police are often overburdened, so consistent follow-up, possibly through a lawyer, is essential to ensure your case is investigated properly. The investigation typically involves tracing the digital trail of the money, identifying the bank accounts where funds were transferred, and tracking the mobile numbers and IP addresses used by the criminals.

FAQs people normally have

Victim of Online Fraud via Malicious App? Legal Recourse in India

What evidence is required?

To build a strong case, you must preserve and submit the following evidence:

  • Bank account statements showing the fraudulent debit transactions.
  • Transaction IDs, dates, and times of the unauthorized transactions.
  • Screenshots of the fraudulent messages, emails, or the malicious app’s interface.
  • The mobile number(s) from which the fraudster contacted you.
  • A copy of the malicious .apk file, if you can safely extract it before resetting your phone.
  • Any other communication you had with the fraudster.

How long will the investigation take?

The duration of a cybercrime investigation can be unpredictable. It depends on various factors, including the complexity of the case, the digital footprint left by the criminals, and the cooperation between different banks and law enforcement agencies, which may be located in different states. Simple cases might be resolved in a few months, while more complex ones involving multiple accounts and locations can take significantly longer, sometimes even years. The chances of recovering the money depend heavily on how quickly the crime is reported and how swiftly the authorities can act to freeze the funds in the beneficiary accounts.

Advocate Sudhir Rao, Supreme Court of India

Rate this post