E-Directory

Digital Deception & Emerging Cyber Frauds – Protection Strategies & Best Practices by Manish Vashistha | Jigyasa Talk Presentation, 27th Feb 2026 at RIC

DIGITAL DECEPTION & EMERGING CYBER FRAUDS 

Understanding • Identifying • Preventing • Responding

By Manish Vashistha, manish301@gmail.com

1. INTRODUCTION 

Today, many people use phones, UPI, WhatsApp, email, online banking, social media, and shopping apps every day. These tools make life easier. But they also give fraudsters many ways to cheat people. Cyber fraud means cheating people using digital tools, messages, apps, websites, calls, QR codes, and fake identities. Modern fraud is often not about breaking a machine. It is about fooling a person. That is why awareness is now more important than ever. The class material highlights that cyber fraud is rising fast in India, with very large financial losses and a huge number of complaints. 

This topic is important because fraud can affect anyone. A person may lose money, trust, privacy, peace of mind, and confidence in using digital services. Sometimes the loss is not only financial. People also feel shame, fear, stress, and confusion after being cheated. Seniors are especially targeted because scammers know that many older users trust callers, messages, or official-looking notices more easily. But the truth is simple: anyone who uses a smartphone or online payment system can be targeted. 

2. CURRENT SCENARIO IN INDIA 

The class notes state that cyber fraud losses in India have reached extremely high levels, with about ₹19,813 crore lost in 2025 and more than 21 lakh complaints filed on the National Cyber Crime Reporting Portal. The notes also mention that this means thousands of frauds happen every day. These figures show that cyber fraud is no longer a small problem. It is a large national problem that affects families, working people, retirees, students, and businesses. 

What does this mean for common people? It means that digital safety is now like home safety. We lock our doors, check our windows, and do not open the gate to strangers. In the same way, we must not click unknown links, share OTPs, install unknown apps, or trust random callers. The main lesson from the notes is that the weakest link is often human behavior, not the machine itself. 

Golden Rule:

A smart phone is not automatically a safe phone. Safety depends on how it is used. 

3. HACKING VS FRAUD 

Many people think cybercrime always means “hacking.” But the material clearly explains that today fraud is often more dangerous and more common than hacking. Hacking usually means entering a system by using technical skill. Cyber fraud usually means tricking a human being into giving access, money, or personal information. 

Hacking 

Hacking is like breaking the lock of a house and entering without permission. It usually targets computers, servers, and networks. It often needs technical knowledge. 

Fraud 

Fraud is like pretending to be a trusted visitor and convincing the owner to open the door. It targets people, emotions, trust, and attention. It often needs very little technical skill. 

Simple comparison 

    • Hacking attacks the system. 

    • Fraud attacks the person. 

    • Hacking may need advanced tools. 

    • Fraud may only need a phone call, message, link, or fake page. 

    • Hacking is often complex. 

    • Fraud is often easy to execute and hard to notice quickly. 

Warning Box ⚠️Do not assume “I am not important enough to be attacked.” Fraudsters do not always choose the richest person. They often choose the easiest person. 

4. WHO CAN BE TARGETED? 

The training material clearly says that anyone using UPI, net banking, debit cards, credit cards, online shopping, WhatsApp, cab services, social media, Google search, or a smartphone can be a target. In simple language, if you are connected to digital services, you are part of the digital ecosystem. That makes you a possible target. 

Fraudsters do not only target people who have large savings. They target people who: 

    • respond quickly 

    • trust easily 

    • do not check carefully 

    • feel fear when they receive urgent messages 

    • use online services often 

    • search for customer care numbers online 

    • click links without checking them 

5. TYPES OF CYBER FRAUD 

The notes divide cyber fraud into two broad routes: internet-based and non-internet-based. Internet-based fraud uses links, apps, email, websites, QR codes, and social media. Non-internet-based fraud uses calls, SMS, letters, physical notices, or in-person approaches. But even offline fraud usually connects back to digital systems, data, or internet-generated information. 

A. Internet-Based Fraud 

1. Fake websites 

A fake website looks like a real website but is made to steal login details, card details, KYC information, or payments. It may copy the logo, colors, and style of a bank, government office, or company. 

Real-life example:

 A person receives a message saying, “Your bank account will be blocked. Update KYC now.” The message contains a link. The link opens a fake bank website. The person enters account details and loses money. 

Warning signs: 

    • Strange spelling in the web address 

    • Unexpected urgency 

    • Poor design or unusual pages 

    • Asking for OTP, password, or PIN 

    • No proper official domain 

2. Fake apps 

Fraudsters create mobile apps that look useful, such as banking help apps, payment apps, coupon apps, parcel apps, or support apps. Once installed, they may collect data, show fake screens, or control the phone. 

Warning signs: 

    • Not available in official stores 

    • Too many permissions 

    • Only shared through a link 

    • Fake reviews 

    • Promises of free money or discounts 

3. Phishing emails 

Phishing emails are fake emails that pretend to come from banks, companies, government offices, or services. They try to make the receiver click a link or open an attachment. 

Warning signs: 

    • Sender address looks slightly wrong 

    • Grammar or spelling mistakes 

    • Pressure to act quickly 

    • Unexpected invoice, refund, or account message 

4. Social media scams 

Fraudsters use fake accounts, impersonation, ads, or messages on social platforms to trap people. They may offer jobs, investments, gifts, friendship, romance, or help. 

5. QR code traps 

A QR code can take a person to a payment page or link. Fraudsters can use QR codes to make people pay money instead of receiving it, or to send them to a fake page. 

Important:

 A QR code is not automatically safe just because it is printed neatly. A QR code is only a doorway. You must know where it leads. 

B. Non-Internet-Based Fraud 

1. Fake phone calls 

A caller may pretend to be from a bank, courier service, police, income tax office, electricity department, or telecom company. The goal is often to create fear or urgency. 

2. SMS scams 

SMS messages may say your package is stuck, your bank account is blocked, your KYC is incomplete, or you have won a reward. The message may include a link or a callback number. 

3. Fake legal notices 

Some fraudsters send fake notices claiming to be from police, court, or government departments. They use fear to force action. 

4. In-person scams 

Someone may visit in person pretending to be a delivery person, bank representative, technician, or official. They may ask for OTPs, signatures, documents, or access. 

6. COMMON & TRENDING SCAMS (2025–2026) 

The material lists several scam styles that are especially common now, including AI-enhanced deception, QR fraud, fake complaint and legal notice scams, parcel scams, pension KYC scams, investment scams, and romance scams. It also mentions the “reverse technique,” where the victim reaches the fraudster instead of the fraudster calling first. 

1. AI scams 

Fraudsters now use artificial intelligence to create fake voices, fake videos, fake photos, and fake messages. They may copy a family member’s voice or create a realistic-looking message from a boss or officer. 

Example:

 A child receives a voice note that sounds like their father asking for urgent money. The voice is fake, but it sounds real enough to create panic. 

Warning signs: 

    • Unusual urgency 

    • Strange tone or wording 

    • Money request through an unusual channel 

    • No proper verification 

2. Deepfake impersonation 

This is a more advanced AI scam where a person’s face or voice is copied. It can be used for fraud, fake approvals, or fake instructions. 

3. Fake customer care scams 

Many people search online for customer care numbers. Fraudsters place fake numbers on websites, ads, or listings. When the person calls, the scammer asks for remote access or payment. 

Golden Rule:

 Never trust search results blindly for support numbers. Use official websites or official apps only. 

4. Pension and KYC scams 

Senior citizens may receive messages saying pension payments will stop unless KYC is updated immediately. This creates fear and confusion. Fraudsters then ask for document details, OTP, or link clicks. 

5. Investment scams 

Fraudsters promise easy profit, double money, fast returns, crypto gains, or special access to schemes. These scams often begin with ads, messages, or social media contact. 

6. Romance scams 

A scammer builds emotional trust over time through chat, calls, or online friendship. Later, they ask for help, loans, gifts, travel money, or emergency transfers. 

7. Parcel scams 

A message may say a parcel is stuck, customs is pending, or a delivery charge is due. The victim is pushed to pay or click a link. 

8. FASTag and payment update scams 

Fraudsters may send fake messages about FASTag recharge, toll issues, payment pending status, or account verification. 

7. HOW FRAUD ACTUALLY HAPPENS: STEP-BY-STEP JOURNEY 

The notes show that cyber fraud usually follows a pattern: data leaks, profiling, scam setup, contact, trap, and loss. 

Step 1: Data collection 

Your data may come from app sign-ups, social media, old leaks, public profiles, or careless sharing. 

Step 2: Profiling 

Fraudsters study your habits, family names, language, online behavior, and possible fears. 

Step 3: Scam setup 

They prepare fake websites, fake customer care pages, fake apps, or fake messages. 

Step 4: Contact 

They contact you by SMS, call, WhatsApp, email, social media, or even in person. 

Step 5: Trigger 

They try to make you act quickly by using fear, urgency, or greed. 

Step 6: Capture 

You may click a link, share OTP, install an app, or send money. 

Step 7: Control and loss 

They may take over your phone, bank access, identity, or money. 

Simple story example:

 A fraudster finds your number, sees that you use a bank app, sends a fake KYC message, gets you to click a link, and then steals your login details. The entire fraud may take only a few minutes. 

8. PSYCHOLOGY BEHIND FRAUD 

Fraudsters do not only use technology. They also use human psychology. The notes mention fear, urgency, authority, greed, scarcity, and trust as the main emotional tools. 

Fear 

“Your account will be blocked.”

 Fear makes people act before thinking. 

Urgency 

“Act now.”

 Urgency stops careful checking. 

Authority 

“I am from the bank / police / tax department.”

 People often obey authority without verification. 

Greed 

“Win a reward.”

 Greed makes people ignore warning signs. 

Trust 

A familiar voice, photo, logo, or profile can create false trust. 

Scarcity 

“Offer available only for 10 minutes.”

 Scarcity makes people rush. 

Golden Rule:

 Fraud is often an emotional attack before it is a financial attack. 

9. COMMON MISTAKES PEOPLE MAKE 

The notes list several common mistakes that expose people to risk. These are very important because fraudsters often rely on ordinary habits. 

Mistake 1: Sharing personal data for small benefits 

People may give their phone number, email, date of birth, or other details for a coupon, discount, or free service. 

What goes wrong:

 The data may be stored, sold, or used for fraud. 

What to do instead:

 Share only what is truly necessary. 

Mistake 2: Uploading photos to unknown AI tools 

Some people upload selfies or family pictures to unknown platforms for fancy image generation. 

What goes wrong:

 The image may be stored, reused, or misused. 

What to do instead:

 Use trusted tools only and avoid sensitive images. 

Mistake 3: Trusting “free” services without checking 

Free apps, free Wi-Fi, and free offers often have hidden costs. 

What goes wrong:

 Your contacts, browsing, or location may be collected. 

What to do instead:

 Ask, “What is the real cost?” 

Mistake 4: Oversharing on social media 

Posting live location, travel plans, ID cards, or personal updates can help fraudsters. 

What goes wrong:

 Fraudsters can profile you and target you better. 

What to do instead:

 Use privacy settings and delay posting travel or personal updates. 

Mistake 5: Clicking unknown links 

This is one of the most dangerous habits. 

What goes wrong:

 It may open phishing pages or install malware. 

What to do instead:

 Pause, verify, and only open official links. 

10. LINKS: THE MOST IMPORTANT 

Links are one of the biggest weapons in cybercrime. What you see is not where you go. A message may look official, but the hidden link may be fake and dangerous. 

A link is like a door. The text on the door may say “Bank,” but the real room behind it may be a trap. A person may see “Click here to update SBI KYC,” but the actual link may be a fake website made to steal information. The notes clearly warn that fraudsters do not need hacking skills when one careless click is enough. 

Visible text vs actual link 

Sometimes the message shows friendly words like: 

    • Click here to verify account 

    • Update KYC now 

    • Track your parcel 

    • Confirm payment 

    • Claim reward 

But when clicked, the actual link may be a strange domain with odd spelling or extra words. 

Examples of suspicious patterns 

    • Strange spelling 

    • Extra hyphens 

    • Wrong domain endings 

    • Fake “secure,” “verify,” or “official” words 

    • Long confusing addresses 

    • Domains that look similar to real brands but are not the real official site 

Why links are dangerous 

A bad link can: 

    • steal passwords 

    • steal OTPs 

    • install harmful software 

    • take you to fake payment pages 

    • trick you into calling fake numbers 

    • make you install remote-control apps 

Golden Rule:

 Trust the domain, not the message. 

Warning Box ⚠️ Never decide safety by looking only at the logo or the message text. 

11. PRACTICAL SAFETY TIPS 

Safety becomes easier when it becomes a habit. The notes recommend practical habits like source verification, permission management, careful payment choices, keeping control over your data, and avoiding unnecessary app installations. 

Everyday safety habits 

    • Pause before clicking. 

    • Verify before trusting. 

    • Use official apps and official websites only. 

    • Share less personal data. 

    • Keep your phone updated. 

    • Remove apps you do not use. 

    • Check app permissions regularly. 

    • Never rush because someone pressures you. 

Do’s 

    • Use strong passwords or passkeys where available. 

    • Turn on two-step verification. 

    • Lock your phone with a PIN, fingerprint, or face lock. 

    • Keep app permissions limited. 

    • Ask a family member before responding to suspicious messages. 

    • Save official helpline numbers separately. 

Don’ts 

    • Do not share OTPs. 

    • Do not give screen access to strangers. 

    • Do not install unknown remote apps. 

    • Do not click unknown links. 

    • Do not trust caller ID alone. 

    • Do not search random support numbers on Google. 

12. DEVICE & APP SAFETY 

Your phone is now your wallet, diary, bank branch, photo album, and identity box. That is why device safety is so important. 

Mobile safety 

    • Keep screen lock enabled. 

    • Set a strong passcode. 

    • Use biometrics where possible. 

    • Keep software updated. 

    • Review installed apps regularly. 

App permissions 

Many apps ask for permissions they do not truly need. 

Be careful if an app asks for: 

    • SMS access 

    • contact access 

    • accessibility access 

    • screen recording 

    • notification access 

    • device admin access 

    • permission to draw over other apps 

Why is this risky?

 Because some scams use these permissions to see messages, capture screens, or control the phone. 

Remote access apps 

Apps such as AnyDesk or TeamViewer are legitimate tools in the right hands, but fraudsters may misuse them. If someone asks you to install a remote access app for “help,” be extremely cautious. 

Warning Box ⚠️ Never allow screen sharing, remote control, or accessibility permissions to unknown persons. 

App download safety 

    • Download only from trusted app stores. 

    • Check developer name. 

    • Read reviews carefully. 

    • Avoid apps promoted only by ads or unknown links. 

13. BANKING & PAYMENT SAFETY 

UPI, net banking, cards, and digital wallets make life easy, but they also create new risks. The notes specifically mention UPI, debit/credit cards, and payment-related traps. 

UPI safety 

    • Verify the receiver before paying. 

    • Check the name shown before confirming payment. 

    • Never share UPI PIN. 

    • Remember: receiving money is not the same as sending money. 

QR code safety 

A QR code can be used for payment. But you must be sure whether it is for receiving money or sending money. Some scams trick people into scanning to “receive” while actually authorizing payment. 

OTP safety 

    • OTP is for you only. 

    • Never share it with anyone. 

    • No bank or company should ask for it by phone, message, or chat. 

Card safety 

    • Do not share card details unless you are on a trusted, official site. 

    • Keep alerts turned on. 

    • Review statements regularly. 

Payment link safety 

    • Never pay through a link received in an unexpected message. 

    • Open the official app instead. 

    • When in doubt, stop the transaction. 

[Insert image: UPI app screen with red warning on unknown payee] 

Golden Rule:

 If someone insists you must pay “right now,” slow down. 

14. EMAIL, SMS, CALL & WHATSAPP SAFETY 

The material gives special attention to how fraud can enter through SMS, calls, WhatsApp, email, and internet messages. 

SMS safety 

    • Do not click unknown links. 

    • Do not trust urgent messages blindly. 

    • Check the sender carefully. 

    • Be careful with messages about bills, rewards, delivery, or account blocks. 

Call safety 

    • Do not trust caller ID alone. 

    • Fraudsters can fake authority. 

    • End the call and verify from the official number yourself. 

WhatsApp safety 

    • Enable two-step verification. 

    • Be careful of unknown groups. 

    • Do not forward unverified messages. 

    • Do not send OTP or documents. 

Email safety 

The notes mention checking sender details, domain names, and email authentication concepts such as SPF, DKIM, and DMARC. In simple terms, the real lesson is: do not trust the display name alone. A message may look like it is from a bank, but the real email address may be different. 

Simple check for any message 

Ask: 

    • Did I expect this? 

    • Is it urgent? 

    • Is it asking for sensitive data? 

    • Can I verify it from an official source? 

15. IDENTITY SAFETY 

Identity theft happens when someone uses your personal data, documents, or accounts without permission. The notes mention Aadhaar safety, masked Aadhaar, DigiLocker, biometric lock, and device protection. 

Aadhaar safety 

    • Share masked Aadhaar where possible. 

    • Use Aadhaar biometric lock when needed. 

    • Be careful where you upload documents. 

    • Avoid sending full ID copies through unsafe channels. 

Documents 

    • Share documents through trusted methods only. 

    • Prefer DigiLocker for digital document sharing when suitable. 

    • Do not send ID cards in open chats to unknown people. 

Social media identity safety 

    • Do not share full birth date, address, ID images, or travel status publicly. 

    • Set profiles to private where possible. 

    • Beware of fake profile requests. 

Why this matters 

Even small pieces of information can help a fraudster build a full profile of you. The more they know, the more convincing their scam becomes. 

16. WEBSITE SAFETY 

Not every website is safe. Fraudsters often create sites that look official but are fake. 

How to check a website 

    • Look at the address bar. 

    • Check spelling carefully. 

    • Look for the official domain. 

    • Do not trust a page just because it has a logo. 

    • Be cautious if it asks for login, payment, or Aadhaar details. 

Government and bank websites 

The notes mention official-style domains such as government and banking domains and stress careful checking of the address. In simple terms, always use the official website address directly instead of clicking a random search result or unknown link. 

Avoid these habits 

    • Do not search for customer care numbers and trust the first result. 

    • Do not use random intermediary support pages. 

    • Do not trust ads that claim to be “official” unless verified. 

[Insert comparison chart: real website vs fake website] 

Golden Rule:

 The browser address is more important than the page design. 

17. WHAT TO DO IF FRAUD HAPPENS 

If fraud happens, speed matters. The notes clearly stress reporting quickly and using official channels. 

Immediate steps 

    1. Stop all further contact with the fraudster. 

    1. Save screenshots, numbers, links, chat records, and transaction details. 

    1. Call the cyber fraud helpline immediately. 

    1. Inform your bank or payment provider. 

    1. Change passwords where needed. 

    1. Block suspicious numbers and apps. 

    1. Inform family members or a trusted person. 

What not to do 

    • Do not panic. 

    • Do not delete evidence. 

    • Do not keep talking to the fraudster. 

    • Do not transfer more money to “recover” money. 

    • Do not believe follow-up messages that claim to be from recovery agents unless verified. 

Warning Box ⚠️ A second fraud often happens after the first fraud. Be alert to “refund recovery” scams. 

18. REPORTING SYSTEM IN INDIA 

The uploaded material clearly lists the main reporting systems and support channels used in India. 

1. National Cyber Crime Portal 

Use the official cybercrime reporting portal for complaints related to cyber fraud and cybercrime. 

2. Helpline 1930 

For financial fraud, immediate reporting through the helpline is very important. 

3. Sanchar Saathi 

This portal can help with: 

    • reporting suspected fraud communications 

    • blocking a lost or stolen phone 

    • checking mobile connections in your name 

    • reporting incoming international calls that appear to use Indian numbers 

4. CHAKSHU 

The notes mention CHAKSHU for reporting suspected fraudulent communication. 

5. TRAI DND App 

This can be used to report spam calls and SMS. 

[Insert infographic: “Where to report?” with icons for each portal] 

19. SUMMARY SECTION 

Modern cyber fraud is no longer only a technical problem. It is a human problem, a trust problem, and an awareness problem. The material repeatedly shows that today’s fraud often uses emotions, links, fake websites, calls, social engineering, and AI tricks rather than advanced hacking alone. 

Key takeaways 

    • Every smartphone user is a target. 

    • Fraud is often more common than hacking. 

    • Links are one of the most dangerous tools in cybercrime. 

    • Fear and urgency are major scam weapons. 

    • Data leaks and oversharing create risk. 

    • Reporting quickly improves the chance of action. 

Golden rules 

    • Pause before acting. 

    • Verify from official sources. 

    • Never share OTP, PIN, or password. 

    • Never allow remote control to unknown persons. 

    • Trust the domain, not the message. 

    • Keep your data in your own control. 

20. QUICK CHECKLIST — DAILY DIGITAL SAFETY 

Use this as a one-page reminder. 

Before clicking any link 

    • Was I expecting this? 

    • Is the sender known? 

    • Does the address look official? 

    • Is this urgent or threatening? 

    • Can I verify it independently? 

Before sharing anything 

    • Do they really need this information? 

    • Am I sharing OTP, PIN, password, or ID? 

    • Is the app or person trustworthy? 

    • Can I use a safer method? 

Before paying money 

    • Is this the official receiver? 

    • Did I verify the name? 

    • Am I on the official app or website? 

    • Am I being rushed? 

Daily habits 

    • Lock your phone. 

    • Update apps and software. 

    • Review permissions. 

    • Use 2-step verification. 

    • Save official helpline numbers. 

    • Keep copies of important documents safe. 

Cyber fraud is not just about technology. It is about attention, trust, patience, and habits. A careful user is a safer user. The best protection is not fear. The best protection is awareness, verification, and calm action. 

A small pause can prevent a big loss.

A single check can save a lifetime of savings.

A trusted source is better than a fast reply.

A safe habit is stronger than a clever trick. 

Final Golden Rule:

When in doubt, stop, verify, and do not proceed. 

By

Manish Vashistha

Email:- manish301@gmail.com

Office email:- ceo@jaimantra.com

Website:- www.jaimantra.com

Explore more updates