India 4th most prone to spam calls & cyber crime

KYC & OTPs favourite routes for scamsters

Business

December 23, 2021

India 4th most prone to spam calls & cyber crime

Over 202 million calls were made from just one number in India in a period of 10 months (Photo: MIG)

On the back of spike in sales and telemarketing calls, India jumps from 9th place in 2020 to 4th this year in terms of spam calls and cybercrime, says report by Swedish caller identification and spam blocking app start-up, Truecaller, which adds that fraudsters most often resort to banking Know Your Customer for committing crimes.

1.5/5 - (16 votes)

Over 202 million calls were made from just one number in India in a period of 10 months, or over 664000 calls every day, 27000 calls every hour of every day or 450 calls per minute every minute of every day in the period. That mindboggling figure explains the extent of spamming that happens in India.

Of the total spam calls received by the users, 93.5 pc of the calls were of sales or telemarketing calls, 3.1 pc for financial services, 2 pc nuisance and 1.4 pc for scam calls. KYC (Know Your Customer) related scams remains prevalent in the country. The fraudsters pretend to be officials from banks, online wallets or even the Reserve Bank of India (RBI) and ask for documents mandated for KYC. Apart from scams by pretending to be an official, the fraudsters have started luring victims under some pretext like OTP (One Time Password), lotteries or sales. After luring the victims into a trap, the fraudsters ask the end-users to download a remote access app leading to loss of money from banks, cards and digital wallets.

Telecom Regulatory Authority of India (TRAI) has put many provisions in place to curb spamming and the number of scams taking place due to it. TRAI had introduced its National Customer Preference Register (NCPR), formerly the National Do Not Call Registry (NDNC) under its Telecom Commercial Communications Customer Preference Regulations, 2010 and the following sixteen amendments.

Seeing the rise of spam calls, the Ministry of Communications decided to slap the offenders with financial penalties. It has fixed that the maximum penalty for INR 10,000 and has created Digital Intelligence Unit (DIU) to probe into the problems further.

In February 2021, DIU was set up as a nodal agency to deal with complaints of unsolicited commercial communication (UCC) and cases of financial fraud, especially in the digital payments space. With the order for Delhi High Court for ensuring strict implementation of regulations issued by it in 2018 curbing the UCC, TRAI had imposed fines up to INR 300 million on companies such as Bharat Sanchar Nigam Limited, Vodafone Idea and Reliance Jio Infocomm for not putting enough measures to control UCC between the period of April and June 2020.

For FY 2020-21 as per the annual report published by Reserve Bank of India, frauds related to cards (Debit and Credit) along with internet frauds led to a total loss of INR 1.19 billion which is only 0.07 pc less when compared to FY 2019-20.

Who profits from these kinds of calls?

“A spam call could be anyone trying to reach you – a salesperson or any other unwanted call. In other words, a spam call can come from a telemarketer selling you a real product or service, or product or service that is fake or doesn’t apply to you,” Kari Krishnamurthy, Chief Commercial Officer of Truecaller tells Media India Group.

“It’s mainly the spammers and scammers who gain from these as in some cases they are organised operators who pretend to be calling from legitimate call centres and the scams are getting more sophisticated and more threatening. According to our US Scam and Spam report of this year, a staggering 29.8 billion USD* was lost to phone scams in America in the past one year,” adds Krishnamurthy.

According to Truecaller, India has been in the list of the top 20 countries affected by spam calls for many years and scams relating to OTP and KYC are most prevalent. “India has made it to the TOP 20 list of Global Spam reports of Truecaller for many years, KYC and OTP being the top trends owing to the rise of the digital economy,” Krishnamurthy adds.

Truecaller declined to share data pertaining to state-wise breakup of spam calls in India, citing its privacy policies. “We do not have state wise breakup of spam calls as it needs location tracking of the user which we do not follow going by Truecallers privacy rules. We only have country wise data as the app identifies numbers based on country codes,” says Krishnamurthy.

Pavan Duggal, an advocate of the Supreme Court of India specialising in cyberlaw has had long experience of dealing with people who have been victims of cybercrime. “Almost all kinds of groups of people are being targeted by spammers and cybercriminals. Spam is a wonderful business for them because at a very low investment they are able to put a massive net across the world and whosoever gets caught in the spam net becomes the victim of these nefarious and illegal designs of the spam net. In the Indian context, I find particularly the students, youth, professionals in different sectors, government offices, banks, network services, insurance services are the primary targets of these spam emails and spam calls and are targeted because here they potentially tend to gain the maximum and are potentially easy targets,” Duggal tells Media India Group.

Very few victims of these crimes report to the concerned authorities due to fear of shame or being unaware of the provisions which have been placed by the country in place to battle cybercrimes. “When you talk about figures one realises that no scientific or comprehensive figures are available. Even the NCRB (National Crime Records Bureau) provides a very restrictive viewpoint because they are giving you the actual number of FIRs registered versus the total number of cybercrimes that have taken place. Those figures are not telling you the true picture. When you look at the actual figures you can see that a lot of under-reporting is prevalent. A few years back my law firm along with an association conducted a survey to find out the level of under-reporting that was happening in cybercrime in India. We found that for every 500 instances of cybercrime only 50 are reported out of which only one is registered as an FIR. This is a very restrictive figure as it was in the pre-covid times,” says Duggal.

“With the coming of Covid-19, it’s cybercrime everywhere with nowhere to run. The golden age of cybercrime has raised the global cost of cybercrimes including these cyberattacks, one survey conducted in the public domain tells for the year 2020 the world lost more than USD 6 trillion and by the end of 2021 world would have lost more than USD 8 trillion thanks to these cybercrimes, cybersecurity breaches and spam attacks,” says Duggal.

The government has also put measures to help the victims and lessen the liability and burden on part of the gullible and unaware consumers. “Reserve Bank of India (RBI) passed a notification dated July 6, 2017. This notification entitles zero liabilities for consumers who are victims of unauthorised financial transactions. If you are a banking customer and if your account shows illicit activities which didn’t happen due to your negligence or your authorisation and you have taken the necessary steps for securing your account then if you report the said unauthorised transaction to the bank within the first 72 hours then you are entitled to zero liability. This means the bank will be forced to give you back your entire money back. But if you have voluntarily shared your details such as OTP or password to someone then you will not be entitled to zero liability,” says Duggal.

Since most cyber scams that take place in India are related to OTP and KYC, Duggal suggests reporting to the National Cybercrime by calling the number 155260 or reporting on the portal to help the authorities stop the money in the pipeline transferring to the fraudster from the victim’s account. Often time it is difficult for the authorities to track down the criminals as they are outside the jurisdiction of the concerned authorities as they are usually based overseas and use VPNs (Virtual Private Networks) to hide their digital footprints, but people must still report these crimes as this gives the authorities a chance to crack down several cases and make a dent in the numbers.

Duggal cautions the users on basic precautions that need to be taken to avoid falling prey to the scamsters. “Users have to now wake up to the new cyber age. With the coming of Covid-19, irreparable and irreversible on the cyberworld. As always prevention is better than cure. Users have to now be careful and should not be part of the vomiting group, i.e., they are vomiting all kinds of sensitive data whether it be personal, professional or social information unnecessarily. They only need to share the information on a need-to-know basis and be duly diligent. They must learn to inculcate elements of distrust and mistrust. Only by conscious effort, due diligence and caution you can prevent yourself from becoming a victim,” he says.

Duggal further says, “We are sitting ducks for the cybercriminals and it is time for us to strengthen our defences and enhance our awareness. We have already created an online platform offering various courses on cyberlaw, cybercrime and cybersecurity. Speaking about the numbers more than 27,000 students have done the courses from over 52 countries speaking 15 different languages over 3 years. These figures are telling us that there is a need for awareness training,” says Duggal.