#FactCheck - Viral Claim About Nitish Kumar’s Resignation Over UGC Protests Is Misleading

Introduction

‍

In October 2024, when the comedian's phone rang, and the voice at the other end claimed to be a FedEx representative, comedian Ankita Shrivastav thought it was a simple issue of misdelivery or customer grievance. The caller said that a parcel in her name was detected being shipped to Iraq and contained illegal drugs. The phone was soon handed over to what appeared to be police personnel in uniform, and she was told that she was under investigation and placed under a so-called digital arrest. For seven hours, she was ordered not to disconnect the call, leave her home, or contact anyone. Through fear, authority, constant surveillance, and psychological pressure, the scammers coerced her into transferring ₹9 lakh in the FedEx parcel scam.

This is the anatomy of one of India's fastest-spreading cyber frauds, and it is costing victims everything.

‍

The Modus Operandi

‍

The most concerning part is the sheer consistency of the script. It usually starts with an unsolicited call, made on a spoofed number that could show up as a legitimate courier or government agency. The caller acts as a FedEx/DTDC executive and claims that a parcel dispatched in the victim’s name to either Taiwan, Iraq, Thailand, or Cambodia has been intercepted and contains drugs, forged passports, or fake credit cards.

As the victim tries to establish that they have no knowledge of this, the scammers smoothly shift the conversation to someone must have impersonated the victim’s Aadhaar number. The victim is now both accused and victim and, therefore, more easily manipulated.

The call is "transferred" to a fake NCB officer or cybercrime cell official. The victim sees a person dressed in uniform seated behind a mock police station set with official-looking documents scattered on the desk. A fake arrest warrant that carries the victim’s real name, address, and Aadhaar number, presumably acquired from stolen databases, is presented to the victim.

This is what the scammers call the "digital arrest." The victim is commanded not to move from the camera, nor leave the house, nor speak to anybody. Scammers take turns monitoring the call, who eventually ask the victim to transfer cash into a "secure government account" for RBI or CBI verification. 

‍

The Psychology of Fear

‍

"The art of scamming is psychological rather than technological," journalist and author Soumya Gupta opines. The scammers use two deeply primal fears: the fear of the police and the fear of social disgrace. Their victims are manipulated into believing that ending the call is tantamount to pleading guilty and that confessing to friends and family will only exacerbate their current circumstances. The victims' isolation is deliberately induced and combined with fatigue and disorientation.

"From a young age, we are taught to be scared of the police and not to question them,” comedian Ankita Shrivastav, who fell victim in October 2024, explains that childhood condition silenced the alarm bells ringing in my head. Shrivastav admitted that her fear of damage to her reputation made her more susceptible to the scam.

‍

The Human Cost

‍

The FedEx parcel scam is targeting everyone, irrespective of age, income, background, or education. Victims of this scam show the kind of different people they are: A 70-year-old veteran journalist was psychologically tortured for eight days in Bangalore, losing 1.2 crores, whereas a 61-year-old retired executive of a multinational was video watched for almost a fortnight in Bangalore, losing 9.14 crores, and additionally, a 25-year-old woman lost 10 lakhs through a video call scam in Coimbatore.

Such a varied mix of victims in such different cases suggests how hard it is to stereotype the ones being swindled: there can be individuals of different age groups ranging from 25 to 70 years old, both educated and non-educated.

‍

Why the Scam Is Spreading?

‍

This FedEx parcel scam is a result of a highly industrialised, sophisticated cybercrime system. The National Cyber Crime Reporting Portal records over 45,000 complaints tagged as specifically 'courier-impersonation fraud' in 2024 alone, where a 1,200-crore loss was registered in that category. 

This scam is powered by stolen Personal Identifiable Information (PII), illegally gathered by scammers through compromised e-commerce stores and rogue registry sites. This data enables the scammers to personalise and tailor the conversation to each individual to make it more believable. Furthermore, fake arrest warrants can be produced within minutes using official-looking templates, and the scammers utilise AI voice cloning and deep-fake videos of government officials. Vast networks of call centres (some based out of India and some overseas, including scam compounds in Cambodia and Myanmar) operate this scam with teams working in shifts. Money is quickly laundered into accounts of 'mule' account holders and quickly into cryptocurrency wallets. Post 24 hours of receiving the funds, recovering money is nearly impossible.

‍

What You Must Do If You Get This Call?

‍

One should always remember: no genuine government official will ever carry out an arrest over a video call. There is no "digital arrest," and this process has absolutely no basis in Indian law. If you do get such a call:

• Cut the call immediately: The scammers have you where they want you if you stay on the line. It is not illegal to hang up on them.
• Do not transfer money under threat or compulsion: No authentic investigative process ever requires you to move money to a "secure government account."
• Never share: your Aadhaar details, bank details, OTP, or passwords with anyone you speak to on the phone.
• Do not provide video statements: Whatever you say can be recorded and used to blackmail you further.
• Verify information independently: Call FedEx India (1800-22-6161) or any courier company using numbers from their official website, never numbers provided to you by the caller.
• Lock: your UPI, cards and Aadhaar biometrics instantly if you feel you have shared information with them.
• Call: 1930 within an hour of money transfer. The rate of recovery is 40-60% within one hour and less than 5% after 24 hours.
• File a complaint at cybercrime.gov.in and an FIR at your local cyber police station.
• Tell someone: Isolation is the scammer's greatest tool. Breaking it breaks the scam

‍

Conclusion

‍

The FedEx parcel scam is also based on a very basic human reaction: the fear of being accused, the urge to obey any figure that represents authority, and the desire to avoid public humiliation. It is designed to skip any part of the brain that may be used to rationalise anything. The only real prevention is to realise, before answering, that the call is never about the FedEx parcel, never from FedEx.

‍

References

‍

• https://www.aol.com/news/fedex-says-parcel-drugs-scam-220400617.html
• https://righttoinformation.wiki/fedex-courier-scam-recovery
• https://www.thenewsminute.com/karnataka/beware-of-fedex-scam-bengaluru-journalist-loses-rs-12-crore
• https://www.digit.in/news/general/coimbatore-woman-loses-rs-10-lakh-in-shocking-courier-scam-heres-what-happened.html
• https://www.deccanherald.com/india/fedex-courier-scam-a-tale-of-terror-trickery-and-deceit-2804802
• https://www.deccanherald.com/india/karnataka/bengaluru/fedex-frauds-con-scared-retiree-of-rs-9-crore-2810169
• https://www.deccanherald.com/india/karnataka/bengaluru/fedex-frauds-hold-woman-in-digital-captivity-for-8-days-2848168
• https://www.deccanherald.com/india/karnataka/bengaluru/how-to-fight-fedex-courier-scam-2836566
• https://www.businesstoday.in/india/story/fedex-scam-lawyer-blackmailed-424883-2024-04-09
• https://www.ncrb.gov.in/uploads/files/2CrimeinIndia2024-VolumeII.pdf‍
• https://www.newsmobile.in/fraud-and-scam/indian-comedian-falls-victim-to-fedex-digital-arrest-scam-loses-rs-9-lakh/
  

Introduction

The advent of frontier AI has significantly widened the range of actors who can launch cyberattacks, extending beyond state actors with immense capabilities or organized professional cybercriminal rings. In its most critical advisory, CIAD-2026-0020, titled "Defending against frontier AI-driven cyber risks," which was released on April 26, 2026, the Indian Computer Emergency Response Team (CERT-In) officially stated that AI can now carry out autonomous cyber activities of unprecedented scale and speed. The advisory highlights that these frontier AI models can perform automated reconnaissance, phishing, malware creation, vulnerability identification, and social engineering with minimal human involvement, thus "lowering the barrier to orchestrating complex cyber attacks." The risks that such AI models pose are not restricted to state actors and corporate entities anymore and also extend to MSMEs, public organizations, and individuals.

‍

India’s Escalating Cybercrisis

The Indian digital economy has been developing at a very fast pace, but the same cannot be said about its cybersecurity. Having a base of over 850 million internet users and a digital payment sector that records a massive 22,495 crore in monthly transaction volumes, coupled with the fastest-growing cloud sector in the world, India continues to remain a lucrative prey for cybercriminals. There were over 265 million attempts reported in the last year, 2025, alone, where close to 46% of all incidents detected were in enterprises with fewer than 1,000 employees, a very grave reality for MSMEs. MHA confirmed there were 28.15 lakh reported cybercrime complaints in 2025 as compared to 2024, with a jump of 24%. In this worsening environment the advisory is a breakthrough in Indian cyber governance. Where previously advisories covered only conventional threats like phishing and malware, the new warning names frontier agentic AI systems as autonomous multipliers of threats, capable of conducting operations at scale and speed with significantly reduced human oversight.

‍

What is “Frontier AI” and why does it matter?

CERT-In’s decision to adopt the term "Frontier AI" is deliberate and meaningful. The advisory’s scope is a new category of agentic AI, which moves well beyond traditional chatbot-style AI, having the capacity to reason, plan, perform multiple actions in a single task autonomously, and carry out complicated tasks with minimal or no human guidance. CERT-In highlights that these tools now possess the capabilities that were "previously carried out by a coordinated team of skilled cybersecurity professionals." The advisory clearly flags the risk that these advanced models have the capability to generate malicious code, conduct network scans, probe systems for vulnerabilities, and even orchestrate intricate multi-stage cyberattacks in a single session. Their capacity to analyse a vast number of source code libraries to identify vulnerabilities, even unknown zero-day ones, and then develop proof-of-concept exploits at high speed. This means that the historical lead time to turn a vulnerability discovery into an exploit tool has reduced from weeks to just hours.

‍

Six Core Threat Vectors identified by CERT-In

1. AI-driven Automatic Zero-Day Discovery: AI-based solutions discover zero-day vulnerabilities and automatically create exploits in minutes, reducing the time taken by defenders.
2. AI-driven Autonomous Reconnaissance: AI-driven agents scan cloud infra, APIs, and enterprise networks and outline attack vectors.
3. AI-driven phishing & deepfakes: Multilingual, highly targeted phishing emails, deepfake audio, and deepfake voice/video calls bring sophistication to social engineering.
4. Deepfake Financial Fraud: AI creates deepfake executives for high-value money transfers. For example, reports have indicated crore-level fund loss cases in India.
5. AI-powered Autonomous Attack Chains: Advanced AI models are able to automatically perform multiple malicious stages like privilege escalation, lateral movement, data exfiltration, and data extraction.
6. Cascading failures of interconnected systems: A single AI-supported security breach can have catastrophic domino effects on connected digital systems and critical infrastructures.

‍

Why are MSMEs a target?

CERT-In’s warning is specifically targeted toward the weakness of the Indian MSMEs. Contributing almost 30% to India's GDP and employing over 110 million individuals, most MSMEs have failed to adequately prepare themselves against contemporary cyber threats. While a large corporation would have a full-time cybersecurity team, a security operation centre, and frequent vulnerability assessments, the majority of MSMEs lack such infrastructure due to budget constraints, out-of-date software, etc. This lack of security has proved to be quite disadvantageous for smaller businesses, as India was identified as one of the top global targets for cyberattacks, where approximately 46% of the total breaches worldwide targeted organizations having fewer than 1000 employees. The advisory claims that frontier AI systems have significantly increased the threats, for the skills necessary to carry out advanced cyberattacks have dramatically decreased. Ransomware, phishing and data exfiltration can be executed by even unsophisticated attackers. The aftermath could result in critical financial, operational, and compliance impact on these MSMEs.

‍

The Global Context

These developments seem to validate CERT-In's warning about threats posed by frontier AI. In its 2026 State of Cybersecurity Report, ISACA listed AI-related threats as the top concern of cybersecurity professionals; 61% of those surveyed reported generative AI/large language models as the top technology trend impacting cyber risk. Worryingly, in 2026 only 7% were confident in their organizations' defenses against ransomware. Check Point Software's Cyber Security Report 2026 corroborates this; in 2025 the report stated that in a single year, the trend of combined social engineering-based campaigns with automated operational execution has risen considerably. In all phases of the lifecycle of a cyberattack reconnaissance, social engineering, and tactical decision-making AI is being applied. KPMG is warning of deepfake-enabled fraud now "spreading at a faster rate than that experienced at the beginning of the phishing era, which is currently still the leading type of attack in the world."

‍

CERT-In Recommendations

‍

For Large Organisations:

‍

1. The use of security monitoring, threat detection, and log analysis should be increased.
2. DDoS protection systems and multi-factor authentication (MFA) should be implemented on all internet-facing devices and assets.
3. Critical security patches should be installed within 24 hours of release.
4. Old VPN and remote-access infrastructure should be updated or replaced.
5. AI-driven cyber drills and incident response simulations should be regularly performed.

‍For MSMEs:

‍

1. Software and security updates should be automatically enabled on all devices and systems.
2. MFA should be enabled on organisational accounts and sensitive platforms.
3. MSMEs should utilize MSSPs for specialized support and monitoring.
4. Detailed inventories of IT assets and system logs should be kept for fast incident response.
5. Staff should be educated about identifying AI-generated phishing, deepfakes, and scams.

‍

For Individuals:

‍

• Independent communication channels should be used to verify any dubious message or money request.
• Software from unverified sources or unauthorised channels should not be downloaded.
• The use of strong and unique passwords along with MFA wherever possible should be enforced.

‍

From Advisory to Action

The May 2026 cybersecurity road map released by CERT-In signals a departure from identification of threats to enabling operations against frontier AI-led cyber threat landscapes. This initiative builds on their April advice and delineates a clearly articulated three-phase roadmap comprising immediate cyber readiness, AI governance controls, and deep integration of AI-driven defenses. It also provides for the establishment of a focused AI Cyber Defense Center and various multisector governance provisions. A prominent area is the increased threat of impersonation via deepfakes, and companies are encouraged to institute executive verification procedures prior to approving high-value transactions. The framework also emphasizes the establishment of an AI asset register requiring formal accounting and governance of all AI systems utilized in an enterprise. Meanwhile, CERT-In also recognizes the twin-use nature of frontier AI: for every threat, the same technology can bolster security with automated threat detection, phishing, and log analysis in real time.  However, the deployment of state-of-the-art defenses is uneven, especially with MSMEs, where there isn’t the requisite domain expertise and funding for this infrastructure. Accordingly, the road map puts the emphasis on immediate and stronger cyber hygiene, compulsory incident reporting, enhancing AI literacy, and proper implementation of the Digital Personal Data Protection Act for long-term security investment and resilience.

‍

Conclusion

The CERT-In advisory CIAD-2026-0020 signifies a vital acknowledgment of AI's transformational impact on the cybersecurity ecosystem. Capabilities formerly exclusive to elite state actors are being deployed by low-skilled users, leveraging state-of-the-art frontier AI tools. India’s MSMEs, enterprises, and digital citizens are experiencing a rapidly accelerating threat milieu. In this context, the CERT-In advisory and the ensuing blueprint can no longer be dismissed as ordinary government pronouncements but as critical operational imperatives. It is the country’s ability over the next few years to shore up its collective cyber resilience to the ever-increasing scale and sophistication of AI-powered attacks that will prove crucial.

‍

References:

1. https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES02&VLCODE=CIAD-2026-0020
2. https://www.zeebiz.com/technology/news-cert-in-flags-high-severity-ai-cyber-risks-amid-claude-mythos-concerns-394448
3. https://www.business-standard.com/technology/tech-news/cert-in-warning-ai-scams-frontier-models-mythos-gpt-5-5-what-it-means-126042800988_1.html
4. https://www.businesswire.com/news/home/20251020612551/en/
5. https://corporate.indiamart.com/2025/07/29/staying-ahead-of-cyber-threats/
6. https://kpmg.com/kpmg-us/content/dam/kpmg/pdf/2025/deepfakes-real-threat.pdf

‍

Introduction

Uttar Pradesh's state government has taken significant step to promote e-sports, organised games played on video or digital formats, under its new sports policy. The plan includes setting up an e-sports centre in the state, providing basic infrastructure to athletes in every district, and including them under various beneficiary schemes. Schools and colleges will also be asked to promote e-sports. The government sees e-sports as a crucial tool for connecting with young people and a significant market for businesses, game developers, and sports organisations. An awareness program will be held at high school and college levels to educate children about the benefits of e-sports. A talent search and skill development model will be created by studying the national and international e-sports ecosystem.

Recognition to E-Sports

The Uttar Pradesh cabinet, chaired by Chief Minister Yogi Adityanath, has approved the New Sports Policy 2023 to promote and foster a sports culture in the state. The policy focuses on various aspects, including physical fitness and training, and supports the development of new institutions and connecting schools, colleges, and private academies with sports. The state government has also incorporated provisions from other states to help athletes chase their goals.

The state's first-ever sports policy, establishing a primary fund of 10 crore for the Uttar Pradesh Sports Development Fund (UPSDF). The policy also inducted e-sports, becoming the first state in India to have e-sports in its official policy. E-sports refers to competitive and organized video game events, and the Centre has officially recognised it. 

Key highlights of the Uttar Pradesh Sports Policy 2023

The government's sports department, with the help of the industrial directorate, will plan to promote sports goods manufacturing in the state, with Meerut being one of the main clusters. 

The policy also promises to increase the participation of women in sports. Para-athletes will be accommodated in all schemes of the sports department, and special coaches will be appointed for para-sports.

Athletes who have represented the state at national and international levels will be part of the state pension scheme, receiving monthly pensions and preference for university admission and jobs under the sports quota. Cash prizes will be awarded based on international performance and will be increased for those who help these athletes win medals at the top level.

Way forward

The policy promises financial assistance to sports associations and academies, allowing them to expand their infrastructure and training facilities. The state will also establish 14 centres of excellence, each centred around a particular sport, through Public-Private Partnership (PPP) models. The state sports authority will be established, on the lines of the Sports Authority of India (SAI). A State Sports Development Fund will be put in place to provide assistance to weak players, associations, or academies. Five high-performance centres will be built in the state, providing training facilities for high-performance athletes.

The policy also includes provisions for financial assistance to budding athletes, providing health insurance coverage of up to Rs 5 lakh for registered players and funds from the Eklavya Sports Fund for injury treatment. Players will receive training based on their skill power, with three categories: grassroots players, elite-class players, and elite-class players. Other notable aspects of the policy include establishing sports centres in each district, promoting local and indigenous sports, encouraging the sports industry, promoting e-sports, providing better facilities in hostels, forming committees for international players, encouraging schools to start sports nurseries or academies, and forming a committee for the Khelo India University Games which is a largest ever competition held at university level in India.

Conclusion

Uttar Pradesh's New Sports Policy 2023 is a significant step towards sports development, integrating e-sports into its sports promotion strategies. Under Chief Minister Yogi Adityanath, the state government is committed to sports infrastructure development, talent identification, and athlete support systems. The policy emphasises inclusivity, accommodating para-athletes, and providing financial assistance, training, and health insurance coverage for athletes. Initiatives include establishing sports centres, promoting indigenous sports, encouraging private investments, and fostering collaboration between educational institutions and sports academies. The policy also encourages for organising and hosting national and international level e-sports competitions in the state. This forward-looking approach aims to harness the full spectrum of sporting opportunities, empowering citizens and elevating its standing in national and international sporting arenas.

References:

• https://www.business-standard.com/article/current-affairs/uttar-pradesh-cabinet-approves-new-sports-policy-2023-encourage-athletes-123031001063_1.html

• https://g2g.news/esports/uttar-pradesh-government-to-promote-esports-under-new-sports-policy/

• https://www.hindustantimes.com/cities/lucknow-news/up-cabinet-approves-state-s-maiden-sports-policy-101678473134649-amp.html

• https://timesofindia.indiatimes.com/city/lucknow/e-sports-to-get-major-push-with-new-policy/amp_articleshow/98646728.cms

‍