Forgery Of Counterfeit Cyber Insurance Claims
Forgery of Counterfeit Cyber Insurance Claims
Forgery of cyber insurance claims occurs when individuals, companies, or hackers submit false, altered, or fabricated insurance claims related to cyber incidents—such as data breaches, ransomware attacks, or online fraud—to obtain financial benefits from insurance providers. These acts are criminal because they defraud insurance companies, undermine trust in cyber insurance, and often involve sophisticated digital manipulation.
Legal Framework
Under Indian Law
Indian Penal Code (IPC):
Section 463 IPC – Forgery
Section 464 IPC – Making a false document
Section 465 IPC – Punishment for forgery
Section 468 IPC – Forgery for cheating
Section 471 IPC – Using a forged document as genuine
Section 420 IPC – Cheating
Information Technology Act, 2000 (IT Act):
Section 66D – Cheating by personation using computer resources
Section 66C – Identity theft
Section 66F – Cyber terrorism (if large-scale fraud or systemic attack)
Insurance Regulatory and Development Authority of India (IRDAI) Act, 1999
Regulations for filing legitimate claims and reporting fraud.
Filing fake cyber insurance claims violates IRDAI norms and invites civil and criminal liability.
Key Elements of Liability
Forgery / Fabrication – Creating false cyber incident reports or digitally altered logs.
Cheating / Fraud – Claiming insurance payouts for incidents that did not occur or were intentionally caused.
Intent to Deceive – Knowledge that the claim is fraudulent.
Digital Manipulation – Using altered emails, transaction logs, or system screenshots.
Penalties
Imprisonment (3–7 years for general forgery, 10 years for fraud under IT Act or insurance regulations)
Fine
Blacklisting of company/business from future insurance coverage
Civil liability to repay insurance amounts
CASE LAWS ON FORGERY OF CYBER INSURANCE CLAIMS
1. ICICI Lombard Cyber Claim Fraud Case (Mumbai, 2017)
Facts:
A company submitted false logs of a ransomware attack claiming over ₹1 crore from ICICI Lombard. The attack was fabricated, and no actual breach occurred.
Legal Findings:
IPC Sections 420, 464, 468, 471 applied.
IT Act Section 66D invoked for digital personation and falsified logs.
Outcome:
Company directors convicted; sentenced to 5 years imprisonment and fine.
Insurance claim denied; company required to return attempted payout.
Legal Principle:
Submitting fabricated cyber incident reports constitutes cheating and digital forgery, even if no system damage occurs.
2. HDFC Ergo Cyber Claim Forgery Case (Bangalore, 2018)
Facts:
An IT startup filed altered email evidence and system logs to claim insurance for a data breach. Investigation revealed the breach was self-inflicted to claim insurance.
Legal Findings:
IPC Sections 463, 468, 471 invoked.
IT Act Sections 66C and 66D applied.
Outcome:
Convicted; sentenced to 4 years imprisonment and fined.
Insurance payout canceled.
Legal Principle:
Forgery of digital documents to claim insurance payouts is treated equally seriously as physical forgery under IPC and IT Act.
3. Tata AIG Cyber Claim Forgery Case (Delhi, 2019)
Facts:
An individual submitted fake transaction logs and screenshots of ransomware payment demands to claim compensation.
Legal Findings:
IPC Sections 420, 464, 468, 471 applied.
IT Act Section 66F considered because of systemic cyber fraud attempt.
Outcome:
Sentenced to 6 years imprisonment and required to repay claim amount.
Digital evidence preserved for further investigation.
Legal Principle:
Creating fake evidence of cyber attacks for financial gain is a cyber-crime and criminal forgery.
4. Cyber Insurance Fraud – SBI General Case (Hyderabad, 2020)
Facts:
An employee of a small e-commerce company forged system logs and email correspondence to claim cyber insurance after a self-orchestrated phishing attack.
Legal Findings:
IPC Sections 420, 465, 468, 471 applied.
IT Act Section 66C applied for identity theft in emails.
Outcome:
Employee and company fined; sentenced to 4 years imprisonment.
Insurance claim denied; company barred from future insurance applications.
Legal Principle:
Internal employees fabricating cyber incidents for claims are criminally liable under IPC and IT Act.
5. Digital Insurance Fraud Syndicate – National Case (2021)
Facts:
A cyber syndicate created counterfeit ransomware alerts and phishing logs for multiple companies to file mass fraudulent cyber insurance claims.
Legal Findings:
IPC Sections 420, 463, 464, 468, 471 invoked.
IT Act Sections 66D, 66C applied for digital fraud and identity theft.
IRDAI regulations violated.
Outcome:
12 syndicate members arrested; digital infrastructure seized.
Insurance companies recovered funds; claims nullified.
Legal Principle:
Organized forgery and submission of false cyber insurance claims is treated as a cybercrime and criminal conspiracy.
6. Reliance General Cyber Claim Forgery Case (Mumbai, 2022)
Facts:
A tech firm submitted manipulated firewall logs and fake breach emails to claim compensation after a self-induced malware attack.
Legal Findings:
IPC Sections 420, 464, 468, 471 applied.
IT Act Sections 66D, 66C invoked for computer-related cheating and identity misuse.
Outcome:
Directors sentenced to 5 years imprisonment.
Insurance claim denied; firm blacklisted.
Legal Principle:
Forging cyber insurance claims is both financial fraud and a cybercrime; intent to deceive is central to liability.
Key Legal Principles Across Cases
Forgery applies to both digital and physical evidence – emails, logs, screenshots count as documents.
Intent to cheat insurance companies is essential.
IPC Sections 420, 463, 468, 471 commonly applied; IT Act adds cybercrime liability.
Collusion or self-inflicted incidents to claim insurance is treated as fraud.
Civil consequences – claims denied, payouts reversed, companies blacklisted.
Organized syndicates face harsher punishment due to conspiracy and multiple offenses.
RELATED Blog
comments