Masterclass on Cyber Crime, Scams & Safety Hacks • By • Sathishkumar Kannan, MS (UK) • Ethical Hacker & Cyber Security Expert • Founder & CEO, WHY Global Services Statistics • Every 39 seconds, a cyberattack happens worldwide. In India alone, over 1.3 million cybercrime complaints were registered in 2024. Have you ever faced an online scam? (Phishing email, fake call, OTP scam, hacked account)” Cybercrime is any criminal activity that involves a computer, network, or digital device either as a tool, a target, or both. Types of Cyber Crime Financial Cybercrime Identity Theft System & Device Attack Online Harassment & Exploitation Phishing Social Engineering Emerging AI-Driven Threats Financial Cybercrime • Online Fraud & Scams – Fake invoices and UPI frauds, • Business Email Compromise (BEC) – CEO/CFO impersonation, Employee Impersonation for payroll redirection. • Mobile App Scams – Fake loan apps steal data & harass users. 👉 Case: Hundreds of Indian women blackmailed by loan app gangs (2024). 👉 Stat: Indians lost ₹ 1,750+ crore in Jan–Apr 2024 alone Most Common Online Frauds • Phishing • Spear-Phishing • Whaling • Lottery Scam • Online Shopping Frauds • WFH Scam BEC • Xoom Corporation , a California-based money-transfer firm, fell victim to BEC when spoofed emails caused a loss of $30.8 million in corporate funds. • Immediate loss of $30.8 million in corporate funds. • Share prices fell by more than 14% when the news broke. • The company faced lawsuits and SEC scrutiny. • Xoom’s Chief Financial Officer (CFO) resigned soon after the breach. • Severe reputational damage in the highly sensitive money-transfer industry. Mobile App Scams (Loan Apps) – Blackmail • Fake loan apps lure people with instant credit. Once installed, these apps: • Access contacts, photos, and personal files. • Demand repayment at high interest (even after full repayment). • Use morphed images, harassment, and blackmail to extort victims. Why it’s dangerous? • Operates from international cybercrime networks. • Women are especially targeted with obscene deepfakes. • Harassment continues even after loans are repaid. • Victims often face mental trauma, family shame, and financial ruin. • A 22-year-old Vizag fisherman (2024) borrowed ₹ 2,000 from a loan app. • A 31-year-old Kerala woman (2024) borrowed ₹ 6,000. • BBC investigation revealed at least 60 suicides in India linked to sextortion from loan apps. • Victims included students, homemakers, and professionals. • Apps often operated from China and SE Asia, using Indian agents for collection (BBC) Criminals steal personal or corporate data (like PAN, Aadhaar, bank logins, customer databases) to commit impersonation, fraud, or sell it on the dark web. In 2022, a cybercriminal gang used stolen Aadhaar and PAN details to create fake bank accounts and launder money through them. Victims only realized when they received IT notices for accounts they never opened. (Source: India Today, 2022) Data Theft Hackers break into company databases and steal personal data (emails, phone numbers, credit cards). • Aadhaar Leak (2018): Data of over 1.1 billion Indians was exposed via UIDAI, sold on the dark web for just ₹ 500. • Air India Breach (2021): Personal data of 4.5 million passengers leaked, including passport and credit card details. • Domino’s India Breach (2021): Hackers leaked 18 crore order details (phone numbers, addresses, card details) on a searchable portal. Duplicate SIMs to Bypass OTPs • Fraudsters trick telecom operators into issuing a duplicate SIM card of your number. Once active, all your bank OTPs go to them , enabling fund transfers and account takeovers. Mumbai Businessman (2023): Lost ₹ 40 lakh in 8 transactions after fraudsters hijacked his SIM and intercepted OTPs. Funds were withdrawn via ATMs in West Bengal. Steel Trading Firm (2025): Lost ₹ 7.5 crore in Mumbai after SIM swap fraud gave criminals access to company accounts. Targeting IT Infrastructure, Servers & Devices Cybercriminals attack the backbone of technology - servers, networks, or personal devices to steal, lock, or disrupt critical information systems. Ransomware • Malicious software that encrypts company data and demands ransom (often in cryptocurrency). • AIIMS Delhi (2022): Servers were hacked, paralysing healthcare operations. Over 40M patient records were compromised. Ransom demand: ₹ 200 crore in crypto (Source: Times of India) Ransomware-as-a-Service (RaaS) Cyber gangs now sell or lease ransomware kits on the dark web. Even low-skilled criminals can launch advanced attacks. LockBit Ransomware (2024): Hit 2,000+ companies worldwide , demanding millions in ransom. LockBit is considered the “most active ransomware group.” (Source: Europol/Interpol reports)