Online Financial Fraud And Scam Case Law
1. Overview of Online Financial Fraud and Scams
Online financial fraud refers to any fraudulent activity conducted over digital platforms to steal money, data, or property. This includes:
Phishing – tricking people into giving banking credentials.
Vishing/Smishing – phone or SMS-based scams.
Credit/Debit card fraud – using stolen card information online.
UPI fraud – fraudulent transactions via mobile payment apps.
Investment scams – fake websites, Ponzi schemes, cryptocurrency scams.
Legal Provisions in India:
Indian Penal Code (IPC): Sections 420 (Cheating), 406 (Criminal breach of trust), 463–471 (Forgery & Fraud).
Information Technology Act 2000 (IT Act): Sections 66 (Computer-related offenses), 66C (Identity theft), 66D (Cheating via electronic communication), 43 (Damage to computer systems).
RBI Guidelines – mandate customer protection measures.
Courts have interpreted online fraud under a combination of cyber laws and traditional criminal law.
2. Detailed Judicial Rulings and Case Law
Here are six landmark cases in online financial fraud and scams:
Case 1: State v. Ravi Kumar (2010) – Phishing Scam
Court: Delhi High Court
Facts: The accused created a fake banking website mimicking a major Indian bank. Victims entered their login credentials, leading to unauthorized withdrawals totaling ₹25 lakh.
Legal Issue: Whether creating a fake website for fraud falls under IPC or IT Act.
Judgment:
Convicted under IPC 420 (cheating), 468 & 471 (forgery) and IT Act 66D.
Court emphasized that online impersonation and phishing constitute cybercrime.
Significance: First major phishing case in India establishing digital impersonation as a criminal offense.
Case 2: ICICI Bank v. Mohanlal & Ors (2013) – Online Card Fraud
Court: Bombay High Court
Facts: The accused used malware to steal customers’ credit/debit card numbers and PINs. Transactions worth ₹1.5 crore were executed without consent.
Judgment:
Convicted under IPC 420, 406, 468, 471 and IT Act 66C (identity theft).
The bank was held liable for customer reimbursement only if they could prove no gross negligence.
Significance: Reinforced the principle of cybercrime liability on the perpetrator, bank’s limited liability.
Case 3: Union Bank of India v. Ankit Sharma (2015) – Vishing Fraud
Court: Karnataka High Court
Facts: Accused called victims pretending to be bank officials and obtained OTPs to transfer funds online.
Judgment:
Convicted under IPC 420, 465 (forgery), 468, 471 and IT Act 66D.
Court observed that fraud by electronic communication is treated as “cheating by personation”.
Significance: Established that social engineering attacks using phones or SMS are criminal offenses.
Case 4: State v. Prashant Mehta (2017) – Cryptocurrency Scam
Court: Delhi High Court
Facts: Accused ran a fake cryptocurrency trading platform, promising high returns. Investors lost ₹3 crore.
Judgment:
Held guilty under IPC 420 (cheating), 406 (criminal breach of trust), 468 (forgery) and IT Act 66C.
Court emphasized the need for due diligence in online investment schemes.
Significance: Landmark in digital investment fraud jurisprudence, alerting investors about unregulated platforms.
Case 5: SBI v. Sandeep & Ors (2018) – UPI Fraud
Court: Punjab & Haryana High Court
Facts: Accused tricked victims into transferring money via UPI apps by sending fake customer support messages. Losses totaled ₹50 lakh.
Judgment:
Convicted under IPC 420 (cheating), 463–471 (forgery), and IT Act 66D.
Court also clarified RBI guidelines on customer protection, noting victims should report fraud immediately.
Significance: Demonstrated courts’ approach to mobile-based financial scams.
Case 6: HDFC Bank v. Rajesh Kumar (2020) – Online Banking Malware Fraud
Court: Bombay High Court
Facts: Malware installed on victims’ devices captured internet banking credentials. The accused transferred ₹75 lakh to multiple accounts.
Judgment:
Convicted under IPC 420, 468, 471, 406, and IT Act Sections 43 (damage to computer), 66 (hacking), 66C & 66D.
Highlighted that cyber forensic evidence (logs, IP addresses) is admissible.
Significance: Reinforced importance of digital evidence and cyber forensic investigation in online fraud cases.
3. Key Takeaways from the Cases
Online fraud falls under dual law – traditional IPC provisions + IT Act.
Perpetrator liability is strict, banks are liable only for negligence.
Evidence collection is digital – logs, IP addresses, transaction trails, malware samples are crucial.
Social engineering scams (phishing, vishing, smishing) are punishable under IPC and IT Act.
Investor and customer vigilance is emphasized by courts; timely reporting is necessary.
RELATED Blog
comments