This article is written by Arihant Jain during his internship with Le Droit India.
Abstract
The global problem arising in today’s world in online frauds. Online frauds are rapidly increasing because of the internet or any other thing. Here we are not blaming any type of development in internet or any other area which may result in fraud, what we are blaming is the understanding of people, the direction in which people are going, instead taking benefit of internet, many digital apps, what they are thinking is how to theft someone easily. Now a days almost every age group uses smart phone, or any gadget they made, it includes children from 4 to 18, Adults – 18 to 60, senior citizens above 60. The most easy target from them are people from the age group 4 to 18 and above 60. If we talk about children’s from 4 to 18 , in this age they are very influential as they don’t have to much knowledge what to use, how to use, they just get excited when they see something in their favour, without checking that the particular thing is fraud or it is not, they just continue to the process in order to achieve in simple words what we can say is they become greedy. Online frauds can be done through just sending some link which is fake giving them exciting offer, to influence so they move on the process as soon as they move on the process the gadget they are using gets hacked. The fraudsters extract money from their bank account, can extract their personal stuff and use them in order to give threat to them which is an offence under Section 351 BNS – It talks about threat given by some person to another for their own benefit. Not only the online fraud can be done through the link and can be done over call also , sometimes we pick unknown number , as soon as we start talking to them with in a seconds our phone or in some cases bank accounts get hacked by them. And know if we talk about the senior citizens who are above 60, the problem they had is some seniors citizens may be well educated, but some are not, many of them had weak eye sites because of this what happens is they sometimes click the wrong thing accidentally and it results in fraud. Not only citizens with these problems, some of them are healthy , don’t have any problem they also get trapped in there types of frauds. That’s why almost every country had the Law against these crimes as if we talk about India , we have Information Technology Act which covers almost online fraud.
Keywords – Fraudsters, BNS, Information Technology Act, Gadget, Internet
Introduction
In the digital age, we have many platforms to connect with people , some of these platforms are – Instagram, Snapchat, Whatsapp, Facebook and many more. The internet has revolutionized communication, shopping, and conducting finances, but it has also provided an open window of opportunity for complex online fraud. From phishing to identity theft, cybercriminals take advantage of technology and human weaknesses, resulting in enormous financial and emotional losses. The FBI’s Internet Crime Complaint Center (IC3) reports that cybercrime losses in the United States alone totaled over $12.5 billion in 2023, with investment scams and phishing being two of the most reported offenses. Worldwide, the figures are even higher, with estimates placing cybercrime losses as high as $10.5 trillion by 2025. Legal recourse awareness is vital to individuals and institutions to protect themselves and receive redress in case of victimization. Legislation across nations has adapted to fend off the increasing specter of online fraud, providing roadmaps for prevention, prosecution, and recovery. This article covers the most prevalent forms of online fraud, legal recourse available to assist victims, and practical measures to stay safe in an increasingly networked world.
Common Forms of Internet Frauds
Internet fraud is a collection of deceptive strategies used to exploit victims for monetary gain or data. Below are the most prevalent varieties:
- Phishing Scams- These messages have the tendency to mislead users into sharing sensitive information such as login credentials or financial information or into the opening of malicious links that download malware. Example: A phony email from a bank asking you to “verify” account information by following a link. Consequence: The victims can lose money, have their identity stolen, or experience data breaches.
2. Identity Theft – Identity theft happens when an individual uses your personal data—like Social Security numbers, credit card numbers, or passwords—to act like you for financial benefit. This can result in purchases you did not make, damaged credit reports, or even criminal charges against you. Example: A fraudster uses stolen credentials to open a credit card account in your name. Effect: The victims lose money and the time-consuming process of recovering their identity.
3. Online Shopping Scams – These scams include fraudulent e-commerce sites or sellers who provide products at low prices but do not deliver after making a payment. Others use fake products or non-existent products to trap the victims. Example: A site sells cheap electronics, but once you pay, the webpage is gone. Effect: Consumers are shortchanged with little hope of recoupment. 4. Cryptocurrency and Investment Scams – Scammers exploit the market hype for cryptocurrencies and investments by providing unrealistic returns through fake platforms or Ponzi schemes. They lose their entire investment. Example: A scam crypto exchange offers 10% return per day but disappears after taking money. Effect: Substantial monetary losses, frequently irreversible because of the lack of regulation in certain platforms.
5. Romance Scams – Fraudsters open false accounts on dating sites to establish trust with their victims, then go on to manipulate them into sending money or divulging sensitive information. Example: A con artist pretending to be a potential romantic interest requests money to pay for a “medical emergency.” Impact: The victims suffer financial and emotional distress.
6. Ransomware – Ransomware is software that encrypts a victim’s data or machine, with attackers demanding payment (typically in cryptocurrency) to release the data. Even with payment, data recovery is not assured. Example: A hospital’s systems are locked, interfering with patient care until a ransom is paid. Effect: Disruptions in operations and losses.
7. Business Email Compromise (BEC) – BEC scams also target companies by impersonating executives or vendors and manipulating employees into sending money or divulging confidential details. Example: A fictional CEO’s spoofed email instructs the finance department to send money to an imposter account. Effect: Businesses suffer huge financial losses and loss of reputation.
Legal Protection from Internet Frauds
Governments and international organizations have created legal precedents to fight online fraud, protect the victims, and hold offenders accountable. The following is a summary of key legislation and protections in important jurisdictions like the U.S., EU, and India and international initiatives.
- United States The U.S. has a strong legal framework to combat online fraud and uses federal and state legislations and regulatory control. Federal Legislation
Computer Fraud and Abuse Act (CFAA): Passed in 1986 and subsequently amended several times, the CFAA criminalizes accessing a computer and a network without authorization, as well as carrying out hacks, phishing, and disseminating malware. Offenders are liable to be sent to prison for seven years and fined substantially. Identity Theft and Assumption Deterrence Act of 1998: This act criminalizes identity theft with penalties ranging from up to seven years in jail to mandatory restitution and victim recovery services.
CAN-SPAM Act (2003): This governs commercial email, mandating clear opt-out facilities and banning misleading subject lines. Offenders can be fined up to $43,792 per email. Electronic Fund Transfer Act (EFTA): Consumers are protected from unauthorized electronic transfers under Regulation E. Banks must investigate and refund losses within 10 days if reported promptly (typically within 60 days of the statement).
Gramm-Leach-Bliley Act (GLBA): This mandates financial institutions to protect consumer data, with penalties for non-compliance that enable fraud.
State Laws There exist cybercrime statutes in certain states, too. For instance:
California Consumer Privacy Act (CCPA): Provides consumers with rights to be informed regarding how their information is utilized and to sue firms for data breeches that facilitate fraud. New York’s SHIELD Act: Mandates companies to have data breach safeguards in place and inform hacked consumers.
Regulatory Agencies Federal Trade Commission (FTC): The FTC enforces consumer protection laws, investigates deception, and provides tools like the IdentityTheft.gov website to victims.
Consumer Financial Protection Bureau (CFPB): Regulates financial institutions to compel them to adhere to EFTA and other consumer protection legislation. FBI’s Internet Crime Complaint Center (IC3): Enables victims to report cybercrimes, making it easier for investigations and data collection.
European Union – The EU has advanced legislation against cybercrime and in consumer protection, focusing on data privacy and cross-border collaboration.
Major Regulations General Data Protection Regulation (GDPR): Introduced in 2018, GDPR enforces robust data protection procedures for businesses. Businesses that fail to safeguard data are penalized with up to €20 million or 4% of worldwide yearly turnover in fines. Victims are also entitled to compensation for data loss. ePrivacy Directive: Governs electronic communications, such as email marketing, to avoid phishing and spam.
It is supplementary to GDPR.
Cybersecurity Act (2019): Putting in place a cybersecurity certification framework and enhancing ENISA’s (European Union Agency for Cybersecurity) mandate. Directive on Security of Network and Information Systems (NIS Directive): Mandates critical infrastructure operators to protect systems from cyber attacks such as ransomware. Consumer Protections Payment Services Directive 2 (PSD2): Enhances online payment security by requiring strong customer authentication (SCA). Banks are required to reimburse unauthorized transactions within one business day. EU Consumer Protection Cooperation (CPC) Network: Facilitates cross-border action against deceptive online practices. Enforcement National data protection authorities (DPAs) of all member states would apply GDPR and other legislation. Europol’s European Cybercrime Centre (EC3) conducts cross-border cybercrime investigations, such as phishing and BEC scams.
India India’s legal framework for online fraud is evolving rapidly to address such developments in the country’s maturing digital economy.
Principal Legislation:
Information Technology Act, 2000 (IT Act): The IT Act was modified in 2008 and criminalizes hacking, identity theft, and phishing as offenses, punishable by up to seven years of imprisonment and fines. Section 66C addresses identity theft as a separate section, and Section 66D addresses cheating by impersonation. Indian Penal Code (IPC): Sections such as 420 (cheating) and 468 (forgery) are used to charge online scammers. Consumer Protection Act, 2019: Seeks to safeguard consumers against misleading online transactions, enabling complaints before consumer courts for redressal. Payment and Settlement Systems Act, 2007: Regulates digital payments, ensuring banks address unauthorized transactions promptly.
Enforcement Mechanisms
Cybercrime Cells: Special units in big cities probe cyber scams. National Cyber Crime Reporting Portal: Enables victims to report cybercrimes, facilitating investigations.
Reserve Bank of India (RBI): Issues guidelines to banks to limit liability for unauthorized transactions in case they are reported within three days.
International Cooperation Cybercrime often crosses borders, requiring global collaboration.
Key efforts include:
Budapest Convention on Cybercrime (2001): The initial international convention on cybercrime, it fosters harmonized legislation and mutual support between 67 member countries, including the U.S., EU countries, and India (observer member).
Interpol Global Cybercrime Programme: Enables cross-border investigations and capacity building for law enforcement UN Initiatives: The United Nations Office on Drugs and Crime (UNODC) facilitates capacity building to fight cybercrime in developing countries.
How Laws Help Victims
Legal systems offer several protection levels to internet fraud victims:
1. Financial Recovery
U.S.: Under the EFTA, consumers are not liable for unauthorized transactions if reported promptly.
EU: PSD2 requires refunds of unauthorized transactions, usually within a business day, except in demonstration of gross negligence.
India: RBI rules limit consumer liability for unauthorized transactions when reported within three days, with full refunds if due to bank negligence.
2. Identity Restoration
U.S.: The FTC’s IdentityTheft.gov offers a recovery plan, such as free credit freezes and fraud alerts. The Identity Theft and Assumption Deterrence Act requires victim assistance.
EU: GDPR enables victims to claim compensation for data breaches and request data erasure.
India: The IT Act safeguards victims through cybercrime cells, though procedures for recovering identities are less effective.
3. Prosecution of Offenders
Legislations such as the CFAA (USA), GDPR (EU), and IT Act (India) facilitate prosecution of those committing cybercrime, which can result in a fine or imprisonment.
Global cooperation through Interpol and the Budapest Convention helps in tracking perpetrators across borders.
4. Consumer Education
Governments and bodies such as the FTC, ENISA, and India’s Ministry of Electronics and IT offer tools to inform consumers about fraud prevention.
Initiatives such as the U.S.’s “Stop. Think. Connect.” and India’s “Cyber Swachhta Kendra” encourage secure use of the internet.
Conclusion
Online fraud is a global trouble, but legal protection across borders provides a bumper to the victims. In the United States, laws like the CFAA and EFTA insure fiscal reparation and execution of the lawbreakers. Global cooperation also strengthens these way given the global nature of cybercrime. But forestallment is the stylish defense. With safe use of the internet, keeping up to date, and early discovery of fraud, individualities and businesses can reduce pitfalls. As technology changes, so too must legal fabrics and people’s perceptivity in order to stay ahead of cybercrime.However, act fast — report to the authorities, inform your bank, If you’re a victim of fraud.
