Cyber Jagrookta Diwas: CERT-In shares 10 tips to stay safe from malware and deepfake scams
The move follows weeks after the Press Information Bureau's (PIB) Fact Check unit and the Income Tax Department flagged a phishing campaign targeting Indian taxpayers. The scam, dubbed 'PAN 2.0,' involved emails from suspicious addresses likeinfo@smt.plusoasis.com, luring recipients with the promise of an upgraded electronic PAN card. Users were directed to a fraudulent website resembling an official portal and asked to enter sensitive information such as PAN, Aadhaar, and bank account details, potentially exposing them to identity theft and financial fraud.
Officials have reiterated that the Income Tax Department does not send unsolicited emails or messages requesting personal or financial information. All legitimate PAN-related services are only available through official government websites.
In light of such incidents, CERT-In, the government's nodal agency for cybersecurity, has issued a list of ten best practices aimed at protecting citizens from deepfake scams and malware threats. Verify suspicious voice or video requests – Deepfake technology can convincingly imitate voices and faces. Always confirm requests using a separate communication method before responding. Never share OTPs or banking credentials – Even if a message or call appears urgent or official, do not reveal sensitive information. Be cautious about uploading photos – Avoid sharing your personal images on unverified apps or websites that may misuse them for deepfake generation. Discuss cyber threats with vulnerable groups – Children and senior citizens are often targets. Talk to them about the risks associated with deepfakes and phishing.
– Children and senior citizens are often targets. Talk to them about the risks associated with deepfakes and phishing. Enable multi-factor authentication – Add an extra layer of security to your online accounts by using authentication apps or biometrics.
– Add an extra layer of security to your online accounts by using authentication apps or biometrics. Avoid unknown links on social media – Clicking unfamiliar or clickbait links can trigger malware downloads or redirect to phishing sites.
– Clicking unfamiliar or clickbait links can trigger malware downloads or redirect to phishing sites. Check app permissions – Limit what access your installed apps have, especially to your camera, microphone, and location data.
– Limit what access your installed apps have, especially to your camera, microphone, and location data. Keep devices updated – Install security patches and operating system updates promptly to close known vulnerabilities. Use antivirus or anti-malware software – Trusted security tools can help detect and block threats before they cause harm.
– Trusted security tools can help detect and block threats before they cause harm. Report incidents to CERT-In – If you suspect a cyber attack or have already been targeted, report it promptly to India's Computer Emergency Response Team via www.cert-in.org.in.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Hindustan Times
2 minutes ago
- Hindustan Times
ED freezes ₹110 crore linked to illegal betting platform Parimatch
MUMBAI: The Mumbai unit of the Enforcement Directorate (ED) has frozen ₹110 crore lying in mule bank accounts in connection with a money-laundering probe into Cyprus-based illegal betting platform Parimatch. The action followed coordinated searches at 17 locations across the country on Tuesday, including Mumbai, Surat, Delhi, Noida, Kanpur, Madurai and Hyderabad. ED freezes ₹ 110 crore linked to illegal betting platform Parimatch The platform, owned by a Ukrainian national abroad, allegedly amassed nearly ₹3,000 crore from Indian users in 2023-24 alone, luring them with promises of high returns before defrauding them, ED officials said on Thursday. According to investigators, the frozen funds—proceeds of crime—were parked in multiple mule accounts used to layer and divert money to various recipients. Searches also led to the seizure of incriminating documents, digital devices and 1,200 credit cards linked to mule accounts. Complex laundering network The ED's probe, based on a complaint by the cyber police station in Mumbai, has uncovered a multi-layered laundering operation. In south India, user deposits were allegedly funnelled into mule accounts and withdrawn in cash in parts of Tamil Nadu, before being handed to hawala operators. These operators then recharged virtual wallets of a UK-based firm, which were used to buy USDT cryptocurrency in mule accounts run by Parimatch agents. In western India, Parimatch allegedly used Domestic Money Transfer agents to collect betting funds in mule accounts and channel them back through credit card transactions. Investigators have also flagged payment companies whose Payment Aggregator licence applications were rejected by the Reserve Bank of India. These firms allegedly provided backend services to Parimatch disguised as Technology Service Providers (TSPs), offering Application Programming Interface (API) access to integrate mule accounts—often opened in the names of e-commerce and payment service firms—into the platform. The funds were then 'masked' as e-commerce refunds, vendor payments and other routine expenses to obscure their origin and movement, officials said. Aggressive promotion in India To attract customers, Parimatch invested heavily in marketing, sponsoring sports tournaments and tying up with celebrities. Indian-registered entities—'Parimatch Sports' and 'Parimatch News'—were allegedly used for surrogate advertising, funded through foreign remittances. A city - based businessman, who is the complainant in the Mumbai police's case, alleged that he had lost around ₹12.22 crore at the accused illegal platform and its allied applications due to their 'non adherence to fairplay'. The businessman claimed he got attracted to the accused gaming platform's claims related to high returns, sometime in 2021, after noticing its advertisements and celebrity endorsements for it on a social media platform. 'All of us who have lost any money on the accused platform should be compensated,' the complainant told HT.
Hindustan Times
2 minutes ago
- Hindustan Times
83-yr-old duped of ₹7.72 cr by fraud posing as cop
Mumbai: An 83-year old woman was duped of ₹7.72 crores by a person posing as a Colaba police officer. The accused told her that she would be arrested in the money laundering case if she did not pay him. 83-yr-old duped of ₹ 7.72 cr by fraud posing as cop When central agencies saw large sums of money being transferred from the victim's account to an account in Cambodia they alerted the Mumbai crime branch which then went to the victim's house in Marine Lines. At first the woman did not open her doors to them, and she later confessed that the accused, posing as a cyber police officer, had told her that fake cops might approach her. The police said that they blocked her account using a helpline number and eventually convinced her to file a complaint. According to the police, the accused, posing as Ajay Basaria from the Colaba police station, called the victim on July 4. He told her that he was investigating a money laundering case and had found large sums of money transferred to her accounts. The police said that she then got another call from someone posing as the inspector of the Colaba police station. The second accused told her that she and her daughter could be arrested since the money transferred into her account was gotten out of criminal activity. When the victim told the accused that she did not have any such accounts, the accused claimed that the bank accounts had been opened in her name using her Aadhaar and PAN cards. The accused then asked her to transfer the sum of money and told her that it would be returned to her after due verification. From July 4 to August 11, the woman transferred around ₹7.72 crore to various bank accounts as directed by the accused. She told the police that the accused had even sent her forged letters to gain her confidence. She grew suspicious when she demanded her money back and the accused began asking for various extra charges despite giving her a clean chit. Based on her complaint, on August 12 the police registered a case under sections 318 (cheating), 319 (cheating by personation), 336 (forgery), 340 (forged document or electronic record and using it as genuine), 204 (personating a public servant), 308 (extortion) of the Bharatiya Nyaya Sanhita (BNS), and various sections of the Information Technology Act.
Hindustan Times
2 minutes ago
- Hindustan Times
Majority of ‘digital arrest' victims in Chandigarh are women
A recent trend in the rising cases of 'digital arrest' cyber frauds in Chandigarh shows that majority of the victims are women. According to police data, 13 digital arrest cases have been registered in the city so far in 2025, of which nine involved women victims while remaining cases involved men, most of them senior citizens over the age of 60. Cyber police sensitising elderly residents during a door-to-door awareness drive on digital arrest frauds in Chandigarh on Thursday. (HT Photo) The fraudsters, posing as law enforcement officials or government representatives, exploit fear and social stigma to trap their targets. According to Chandigarh police, the modus operandi involves callers impersonating officers from the CBI, NCB, or cyber cell, claiming that the victim's bank account or Aadhaar has been linked to a crime. In many cases, victims are coerced into staying on video calls for hours, termed as a 'digital arrest', and eventually forced to transfer large sums of money to 'secure' accounts. Women disproportionately targeted Police point out that women are particularly vulnerable due to the fear of reputational harm and the stigma attached to being linked to criminal investigations. 'Fraudsters know that fear works differently with women. They use intimidation tactics, claiming that their names will appear in public FIRs or media if they do not cooperate. This fear often overrides rational decision-making,' said DSP Cyber, Venkatesh. In one recent case, a 72 year-old woman in Chandigarh was duped of ₹11 lakh after she was told her Aadhaar was used for drug trafficking. She was kept on a 16-hour video call, during which she was repeatedly threatened with arrest and defamation. Divya Bansal, professor and head of cyber security and research at PEC said, 'Women are often more vulnerable to cybercrimes and financial frauds, including 'digital arrest' scams, due to a mix of socio-behavioural and structural factors. In many socio-cultural settings, women may exhibit higher trust in perceived authority figures and a stronger inclination to comply with official-sounding instructions. Fraudsters exploit this by using fear-based and urgent narratives to trigger quick, uncritical responses using psychological manipulation. Women engaged in online financial transactions or remote work may also share personal details more frequently, increasing exposure to data harvesting.' Bansal added, 'Limited participation in targeted cyber safety training further reduces awareness of evolving fraud tactics. Social conditioning also discourages challenging authority or engaging in confrontations can also make women less likely to question suspicious demands. These factors combine to make women particularly susceptible to manipulative, high-pressure cyber fraud schemes.' 'Cyber awareness kiosks are being set up at public places' DSP Cyber, Venkatesh said, 'We are going beyond traditional awareness drives. Advertisements are being run in theatres, and our Public Address System is being used to spread real-time traffic and cyber safety messages. Soon, we will launch the Cyber Swachta Mission to build a cleaner and safer digital space. Cyber awareness kiosks are being set up at public places, and our teams are visiting door-to-door to sensitise residents. The idea is to ensure that no citizen falls prey to fear-driven scams like digital arrests.' Police are also collaborating with banks and telecom operators for quick freezing of suspicious accounts and numbers flagged in such crimes. Woman duped of over ₹11 lakh (August 2025) A resident of Sector 35 was defrauded of more than ₹11 lakh by someone impersonating a police officer. The fraudster falsely claimed her Aadhaar was linked to a parcel sent to Thailand containing narcotics. She was then connected to a supposed IPS officer from Delhi's cybercrime cell and coerced into withdrawing her fixed deposits and transferring funds under the pretext of clearing the case. Woman loses ₹77.4 lakh (July 2025) A woman from Sector 34 fell victim to a 'digital arrest' scam, in which perpetrators posing as law enforcement agents intimidated her into transferring ₹77.4 lakh. Elderly woman duped of ₹1 crore (July 2025) A major fraud racket was busted where an elderly woman of Sector 33 was tricked into transferring ₹1.01 crore. Perpetrators posed as CBI officials, used forged documents, and manipulated her to use multiple bank accounts. The cyber cell arrested ten individuals. However, only ₹36 lakh was frozen and is slated for return.
