Cybercrime
Cybercrime is evolving, and we need to do the same.
Just before I started writing this article, I did a routine sweep of the internet , because I wanted to start off with an example that was as current and as latest as possible.
I found a news article about a 61-year-old man losing Rs 30 lakh to a digital fraud, which makes for the perfect lens through which we can take a closer look at the ever-growing monster of digital fraud in the 21st century.
The news article, although about a fresh case, didn’t really hold any surprises. The elderly victim, a retiree, was approached by fraudsters claiming to be from a stock market investment advisor group. They lured him by promising ‘guidance’ on investing in the best of stocks that would double or triple his investment within a short time, and convinced him to transfer money to his ‘investment account’. In reality, the money was simply going to the fraudsters’ account and the victim was seeing a manipulated screen, which showed him how his ‘profits’ were increasing. But the minute he tried to withdraw his profits, the fraudsters blocked him and moved on to the next victim.
What is significant here is that the victim himself is a retired bank employee. He had some familiarity with the shady world of financial fraud and also spent his working life in an environment where he was encouraged to be suspicious of everyone he crossed paths with at work. And yet, he transferred most, if not all, of his savings into the ‘investment app’.
Asking The Wrong Questions
The immediate—and popular—reaction to this entire case would be, “How could the victim be so gullible?” Sadly, we, as a system, have spent close to two decades asking this question, instead of the ones that really matter. Blaming the victim has always been a knee-jerk response to any crime down the ages, and cybercrime is no different. The reflexive instinct that is triggered every time we learn about someone around us falling prey to digital fraud is, “How could you trust them so blindly?”
And while we were busy blaming each other, cybercriminals graduated from being small-scale, stray operations based on sheer dumb luck to a highly organized ecosystem relying on research and data, with an annual turnover of crores of rupees. Normally, that’s a sentence we’d use to describe a legitimate and successful start-up that began as an experiment in a one-bedroom house and is now headquartered in a six-storey building, with branches across India.
Asking The Right Questions
The question we should instead be asking is, how did this happen? How did criminals start being able to con us out of our hard-earned money without even showing us their face?
The answer to this question isn’t really easy to infer, or to digest. But the long and short of it is that we are failing. As a system, as a society, as a country, we are failing pitifully when it comes to safeguarding ourselves and each other against cybercrimes. Because we have the righteousness of a rapidly advancing society, but not the awareness. And for this reason, we don’t know enough about digital fraud to be able to recognise it when it’s happening to us.
The following are three of the top, or ‘trending’ digital frauds that are widely perpetrated today. The purpose behind breaking them down in detail is to make sure that everyone who reads this is able to spot a digital fraud from a mile away.
Investment Scams
This one used to be a fairly simple scam at one point of time, where the fraudsters would send you messages or call you, offering to help you invest your money into stocks with high returns. Today, they have become clever and creative and even more scary; they have discovered Artificial Intelligence. The low-budget investment scam relies on taking pictures of popular stock market analysts and advisors off the internet, without their knowledge or consent, and using them as unwitting brand ambassadors. Posters with the pictures of these celebrities are made into paid ads that are pushed to social media platforms like Facebook, Instagram and WhatsApp. You think you are being advised by the best in the business. In reality, you are losing every penny you have.
The more serious version of this scam uses AI to generate fake videos of leading industrialists, ‘recommending’ these advisors. And these fakes are really good, manipulating both the visual and the voice in a way that is hard to detect unless you are really scrutinizing them carefully.
Quick Tip: Invest only with people you can physically see. And remember that Mukesh Ambani is definitely not going on camera to promote any investment advisor.
Part-time job Rackets
Another scam that has snowballed into a menace, this one starts with a Telegram or WhatsApp message, purportedly from an HR professional offering you a part time job. The ‘job’ is simple enough: leave positive reviews on products or complete such ridiculously simple tasks in exchange for quick and easy money. What helps sell the lie is that you even get paid for the first few tasks, which convinces you that you are dealing with a genuine party. Then comes the lure: invest in our schemes and watch your money double. You start with small amounts, in three figures, and soon, you are up to five to six figures. And then, suddenly, they’re gone. And so is your money.
Quick Tip: The moment a part time job offer turns into an ‘investment opportunity’, block that number.
Sextortion
Begins with a Facebook friend request and turns into a nightmare pretty fast. Aimed mostly at men, the fraudsters send requests via profiles made in the name of good looking women. Once you accept, the chatting begins and soon, you are lured into a video call. All it takes is one grab of your face watching a video, with a woman at the other end engaged in explicit acts, and the extortion begins.
With AI, you don’t even need to receive a video call. A random picture of you can be used to generate a fake video showing you on a video call.
Quick Tip: Since this is a cybercrime that doesn’t always rely on user interaction, meaning that it could happen to anyone without the victim actually participating in it, the best way is to not be afraid if there is an extortion attempt. Put out a social media post saying you are being blackmailed, inform the police and don’t pay. No cybercriminal is coming to your house to demand the money; cybercrime simply doesn’t work that way.
It takes a village
As the old adage goes, it takes a village to raise a child. It also takes a village, or in this case, the entire system, to create a robust environment that goes beyond blaming the victim. And this where everyone of us has an equal share of the responsibility. Law enforcement, financial institutions, news media, civilian consultants and other stakeholders need to think about what more can be done.
Because Indians lost over Rs 70,000 crore to cybercrimes in 2023, and those 30-second ads saying “Never share your OTP” are simply not enough any more.
To read more English blogs, please visit our blog section.
Gautam S Mengle
The author is a journalist with over 16 years of experience, a published author and an expert on cybercrime and cybersecurity awareness.