Financial cybercrimes—ranging from UPI scams to credit/debit card fraud—are rising at an alarming rate in India. A single click on a phishing link or scanning a QR code can lead to significant financial loss within seconds. However, the law provides robust protection to victims—provided they act quickly and systematically.
This article offers a step-by-step guide on the legal and technical measures a victim should take in the event of financial cyber fraud, along with applicable legal provisions under the Information Technology Act, 2000, the Bharatiya Nyaya Sanhita, 2023, the Consumer Protection Act, 2019, and the RBI’s Integrated Ombudsman Scheme, 2021.
⸻
Part A: Legal Steps – How to Report and Escalate Financial Cyber Frauds
Step 1: Call the Cyber Crime Helpline (1930) Immediately
As soon as you detect an unauthorized transaction or fraudulent activity, call the national cybercrime helpline 1930. This helpline is operated by the Ministry of Home Affairs and enables real-time coordination with police authorities and banks to freeze stolen funds if reported promptly.
Step 2: File a Complaint on the National Cyber Crime Reporting Portal
Visit www.cybercrime.gov.in and lodge a complaint under the “Financial Fraud” category. The portal allows for uploading of supporting documents including proof of identity, transaction details, screenshots, and correspondence with the fraudster. Upon submission, you will receive a complaint ID to track the matter.
Step 3: Lodge an FIR with the Local Police or Cyber Cell
In addition to filing an online complaint, it is advisable to lodge a First Information Report (FIR) with your local police station or cyber cell. Provide a detailed written complaint outlining how the fraud occurred, the amount involved, and details of the transaction and recipient, if known. Request that the matter be investigated under the Information Technology Act, 2000 and relevant provisions of the Bharatiya Nyaya Sanhita, 2023, including:
• Section 316: Cheating and dishonestly inducing delivery of property
• Section 317(1)(c): Cheating using computer resources or digital communication
• Section 332: Forgery of electronic records
• Section 336: Criminal breach of trust
A copy of the FIR or Daily Diary entry should be obtained for record.
Step 4: Notify Your Bank or Payment Service Provider
Immediately inform your bank or digital payment platform in writing. Use the customer service portal, branch visit, or official email to report the fraudulent transaction. Mention the exact time, mode, and amount of the unauthorized transaction and attach screenshots or other evidence. Request acknowledgment and complaint reference from the bank.
As per RBI’s customer protection guidelines, if the victim reports the unauthorized transaction within three working days, the liability may be zero, and the bank is obligated to resolve the matter within 90 days. A delayed report may reduce the refund amount or increase the consumer’s liability.
Step 5: Escalate to the RBI Ombudsman if Unresolved
If the bank fails to respond within 30 days or provides an unsatisfactory resolution, the matter can be escalated to the RBI’s Integrated Ombudsman Scheme, 2021. The RBI has consolidated grievance redressal against banks, NBFCs, and payment system operators under this scheme.
Complaints can be lodged at https://cms.rbi.org.in along with supporting documents including the original complaint to the bank, the bank’s response (or lack thereof), and evidence of the fraud. The Ombudsman is empowered to direct refund, award compensation, or require corrective measures.
⸻
Part B: Technical Steps – Secure Your Accounts and Prevent Future Attacks
- Block Accounts and Change Credentials Immediately
Upon detection, block your card, account, or UPI handle through your bank’s 24×7 helpline or app. Change all relevant passwords—net banking, UPI PINs, email, mobile wallet access, etc. This step is critical to preventing further unauthorized activity. - Preserve All Digital Evidence
Save all transaction alerts (SMS/email), screenshots of the UPI ID or wallet used by the fraudster, chat logs, call recordings, and bank statements. Preserve them in original form for use in complaint filings and investigations. - Enable Transaction Alerts and Lower Transaction Limits
Activate SMS/email alerts for every transaction. Configure your account or UPI app to restrict maximum daily or per-transaction limits, especially for outgoing payments. This can serve as a precautionary measure against future fraud. - Strengthen Cybersecurity Practices
Enable two-factor authentication for all financial and communication platforms. Avoid using public Wi-Fi for financial transactions. Install antivirus software and keep your phone’s OS and apps updated. Refrain from downloading apps or clicking on links from unverified sources. - Monitor Financial Accounts and Credit Reports Regularly
After the incident, monitor your bank statements and UPI transaction history for any suspicious activity. Consider checking your credit bureau report for unauthorized loan applications or cards, which may indicate identity theft.
⸻
Applicable Legal Provisions and Redressal Avenues
Victims of financial cybercrime are protected under several overlapping legal frameworks:
• Information Technology Act, 2000: Sections 66C and 66D criminalize identity theft and cheating by impersonation using computer resources.
• Bharatiya Nyaya Sanhita, 2023: Section 316 addresses cheating; Section 317(1)(c) covers cyber-enabled cheating; Section 332 deals with forgery of electronic records; and Section 336 provides for criminal breach of trust.
• Consumer Protection Act, 2019: Offers remedies for service deficiency and unfair trade practices in digital transactions.
• RBI Integrated Ombudsman Scheme, 2021: Provides a unified platform for lodging complaints against banks, NBFCs, and payment service providers for non-redressal of grievances.
⸻
Conclusion
Falling prey to financial cyber fraud can be distressing, but the law equips individuals with a robust framework to seek redressal and prevent further loss. The key lies in immediate action and coordinated reporting.
• Report the incident through helpline 1930 and www.cybercrime.gov.in
• File a police complaint and inform your bank without delay
• Escalate the matter to the RBI Ombudsman if unresolved
• Preserve all evidence and implement security enhancements
The combination of legal action and technical vigilance is essential to safeguarding yourself in the digital financial landscape.