Last November, the cybercrime police station (CCPS) in Bengaluru, the only one in the city at the time, had to suspend operations because of an unusual problem.
The number of FIRs (First Information Reports) registered in 2019 were on the verge of crossing 10,000. The software used by the police allowed for registration of FIRs with only four-digit serial numbers, and hence the software could not register any more cases. Due to this, the station had to be shut on November 23, and was reopened only on December 10 after the software was upgraded to allow entry of five-digit FIR serial numbers.
The incident highlights two major cybercrime-related issues in the city — the sheer number of crimes reported and the police’s shortcomings in dealing with these. In fact, CCPS registered 10,131 cases in 2019, but did not file a chargesheet in any of these cases.
City Police Commissioner Bhaskar Rao attributes this to the sheer number of cases the station received, but assures the number will improve in 2020.
Kuldeep Jain, Deputy Commissioner of Police (Crime) and in-charge of CCPS, says that having a lone station which was understaffed was a reason for the lack of chargesheets. CCPS, which started operations in April 2017, has staff strength of just 25. The large number of cases led to the staff spending a lot of time in administrative work like registering cases, rather than in investigation.
|Year||Number of FIRs registered||Number of chargesheets filed|
Cybercrimes registered and chargesheets filed in CCPS so far. Source: CCPS
Jain says that though chargesheets were not filed, ‘final reports’ were submitted in more than 600 cases last year. These reports are filed in cases where the complainants get back their stolen money though the accused is not caught or identified.
Bengaluru is India’s cybercrime capital
According to the NCRB (National Crime Records Bureau) report of 2018, Bengaluru remains the Indian city with the highest number of cybercrimes, by a large margin. A total of 5,253 cybercrimes were reported in the city overall in 2018, as per NCRB data.
The city closest to Bengaluru was Mumbai with 1,482 cybercrimes, followed by Lucknow (962), Hyderabad (428) and Jaipur (415). In Bengaluru, the number of cases showed a 91.51 percent increase in a year as per NCRB data – from 2,743 in 2017 to 5,253 in 2018.
DCP Jain says that Bengaluru being India’s IT capital and seeing rapid growth, is connected to the rising cybercrimes. “Also, awareness in terms of lodging complaints has increased among citizens. Earlier, for smaller crimes they would not give a complaint, but now they do. And not just for frauds, but for other cybercrimes too, for example, something derogatory on social media, mishandling of data, and so on.
Eight new cybercrime stations
To address the issue of staff shortage and rising crimes, eight police stations in Bengaluru – one in each division – were designated as CEN (cybercrime, economic offences and narcotics) stations last December. All new cybercrime complaints are now registered at these stations.
This might have reduced the burden on the existing station, but the police has not done much to address the sheer number of incidents — about 30 per day on average. The work is cut out for these new stations.
New stations still not fully equipped
Eight existing police stations, which also serve as offices of the Deputy Commissioner of Police for the respective divisions, have been identified as CEN stations.
|Division||CEN police station|
|South East||HSR Layout|
Citizens can approach any of these stations to register their complaints. According to Jain, the old station on Infantry Road, Vasanth Nagar, will not accept new cases from the public directly. They will only address the cases already registered as well as any important cases referred to them by the CEN stations as they have more experience.
Jain says, “Anyone can approach any station, but we are educating them to go to the one near their houses. As per a government order, a dedicated staff of 30 members have to be assigned to each of the eight stations. In addition, two members who have technical background will be recruited in each station.”
Jain says the recruitment, to be carried out via a centralised process, has not been done yet and might take up to six months. In addition, some technical things, like allocation of courts to the stations, are yet to be done.
Commenting on the delay in setting up the stations, Bengaluru Police Commissioner Bhaskar Rao termed it ‘starting trouble’ but assured the stations would be streamlined soon.
Cops try to keep pace with newer crimes
Not only are cybercrimes on the rise, conmen keep coming up with newer methods to commit frauds. Last December, the State Bank of India issued a warning on frauds committed via ‘juice jacking.’
As per the SBI notification, conmen have apparently developed devices that look like USB ports used for charging. These cables are left at charging stations at public places like airports. When people use them to charge phones, a malware enters the phones via the cable, which in turn bypasses phone security, enabling conmen to steal sensitive data including financial credentials.
Though the basic methods and platforms of fraud remain the same, conmen are becoming more adept. In December, Abdul Rahim (name changed on request), a corporate lawyer, was looking to order furniture online. He found a post on a classified advertising platform, which offered furniture at rates much cheaper than market rates. He contacted the person who posted the ad, and was offered a further 10 per cent discount upon ordering from the particular website.
“As an advocate, I review Terms & Conditions of websites. But the website appeared legitimate and I could not smell anything fishy,” Rahim says. He then made a payment of Rs 65,800 for the furniture. But the furniture did not arrive, and the contact person blocked his number, upon which Rahim realised he had been cheated.
Commissioner Rao said the number of cybercrimes was expected to increase further as more sources of crimes were coming up in the digital world.
|On consulting experts/hackers
The police has not yet utilised the services of consultants or experts, including ethical hackers, to crack cases. Jain says, “In my experience I have not interacted with a hacker, but I really want to meet one. I will be excited if someone like that can help us crack cases. We will have to see if we can take them on board.”
Jain admits that the police is not fully equipped to handle the kind of crimes that are usually reported. “We are still learning and evolving, as we see a new kind of crime quite often. We are trying to keep up to date by conducting some sort of training for our staff regularly.” He says the police do not need any specific equipment to crack cases, but a better mainframe system with higher speed would help.
Over 3,700 debit/credit card frauds in 2019
In 2019, the most common cybercrimes were debit/credit card frauds and ‘card skimming’.
Ø Debit/Credit card frauds, or ‘vishing’: The conman pretends to be a representative of a firm, for instance a bank, over a call and makes the victim reveal sensitive information of debit/credit cards. To guard against these, you should avoid revealing such information over phone.
Ø Card skimming: The fraudster uses a hidden device to steal information in the card. This is also carried out at ATMs. To prevent this, you should take care of your cards and check ATM machines for extra devices.
Ø Advance fee scams: Conmen basically ask for advance money from the victim. It could be either for a gift that the victim has ostensibly won, or to buy something on a classified platform. This can be prevented by making advance payment only upon ordering from trusted, known platforms.
Ø Job frauds: Conmen bait victims by offering plum jobs, sometimes in foreign countries. They then con them by asking for payment for visa and other formalities. Do not trust such offers; apply for jobs only through proper channels.
‘Awareness best way to combat cybercrime’
Police officials say the best way to reduce such crimes is increased awareness among the public. “It is also people’s responsibility. If they keep revealing their OTP number in spite of being instructed not to, what can we do? How many times do bankers instruct customers to not share OTP, but people keep on doing it,” Commissioner Rao says.
Prashant Babu, inspector at CCPS, echoed the sentiment, and claimed as much as 95 per cent of cybercrime victims were well-educated. His advice to the public involves not sharing OTP, not scanning unknown QR codes and not clicking on unknown links. Jain suggests formatting one’s phone every two months as a precaution against frauds.