#FactCheck -Edited Newspaper Clipping Falsely Linked to Indira Gandhi’s Appeal Against Buying Gold

Introduction

‍

The trajectory of India's digital economy is growing at an unprecedented rate, and so is India's cybercrime ecosystem. Parliamentary data tabled before the Rajya Sabha in May 2024 by the MHA suggests an overwhelming 900% growth in cybercrime complaints from 2021 to '25, while annual losses crossed 22,800 crore in 2024. The structural issues like the low victim restitution rate, the lack of forensic infrastructure, issues of jurisdiction related to offshore fraud factories targeting Indian citizens, and the huge disparity in awareness levels amongst India's youngest online citizens continue to exist. This brief brings out the clear trends in cybercrime, the role of institutional mechanisms in its prevention and response, failure points, and recommends appropriate policy interventions from the perspective of CyberPeace.

‍

The Data Imperative

‍

Since its operationalisation in 2019 by the Indian Cyber Crime Coordination Centre (I4C), the NCRP serves as India's most significant institutional apparatus for cybercrime reporting and response. Data placed before the Rajya Sabha by the Ministry of Home Affairs on 30 July 2025 show that, with almost no exception, complaints of cybercrime have increased far more quickly than most traditional indicators of public safety. Between 2021 and June 2025, the NCRP received 6.59 million complaints, evidence of both a sustained and escalating expansion of India's cyber threat profile. Complaints per year more than quadrupled from 4.52 lakh in 2021 to 19.18 lakh in 2024 (324% over the period); by 2025, the NCRP had received 28.15 lakh complaints, a 523 percent rise compared with the 2021 baseline:

Clearly, cyber-enabled crime is no longer an occasional crisis but a systemic governance issue requiring consistent regulation and institution-building.

The financial fallout has also accelerated dramatically. Figures indicate that reported financial losses due to cybercrime jumped from 2,290 crore in 2022 to 22,812 crore in 2024 a 895% leap in two years:

‍

‍

Though response mechanisms such as the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS) successfully blocked or recovered close to 8,690 crore as of January 2026, victims appear to get back only about 2.18 percent of the losses they report. 

In most areas, reporting and response have expanded greatly, but both the rate and scale of cyber-enabled financial fraud continue to outstrip India's remediation and law enforcement capacity. 

‍

Threat Typology of India’s Fraud Ecosystem

‍

The nature of cyber crime in India has evolved from an opportunistic volume-based activity to a layered transnational criminal environment. I4C intelligence as tabled in Parliament reveals investment scams as the biggest threat: they accounted for 76% of the financial fraud lost in 2025 (although only 35% of complaints were filed, thus, a very high value per case was lost).

‍

‍

Digital arrest frauds, which tap on citizens' unawareness that "digital arrest" is not permissible under Indian law, rose from 39,925 cases (91 crore) in 2022 to 123,672 cases (1,935crore) in 2024.

‍

‍

The fast rise in the number of incidents as well as in the volume of fraud clearly points out that digital arrest fraud has moved away from the phase of novel scam typology to a formidable cyber-extortion landscape. The main orchestrators of investment, trading, dating, and digital arrest scams targeting Indian citizens were recently identified by the I4C CEO Rajesh Kumar as transnational criminal scam networks in Cambodia, Myanmar, and Laos. Hence, this issue does not only fall within the domain of domestic law enforcement but constitutes a transnational cybercrime requiring parallel financial intelligence, diplomatic initiative, platform responsibility, and international investigative collaboration.

‍

‍

‍

Geographic Concentration
‍

Maharashtra and UP register the highest volumes in total complaints at 3.03 lakh and 3.01 lakh, owing to them being the financial capital and most populous state, respectively. Karnataka, Gujarat, Delhi, WB, Telangana, TN, Rajasthan, and Haryana register above 1 lakh complaints each. However, the critical information that is being missed is that while complaint rate growth is the fastest in Tier 2 and 3 geographies (Haryana leads per-capita complaint rate with 381/100k people in 2023; Telangana (261); Uttarakhand (243)), this signifies rural digital growth as a risk multiplier.
‍

Institutional Architecture: Mechanisms and Performances
‍

India's institutional response to cybercrime, led by the Ministry of Home Affairs' Indian Cyber Crime Coordination Centre (I4C), is one of the world's largest real-time fraud detection and prevention ecosystems. The backbone of this is the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS), which has onboarded over 700 banks, payment service providers, e-commerce portals, digital wallets, and, since the Standard Operating Procedure was issued on 2nd January 2026, virtual asset service providers and crypto exchanges. This interconnected network allows for prompt freezing of funds and timely fraud intervention during the 'golden hour' of a cybercrime report. 

‍

Institutional capacity is robust, with approximately 8,690 crore saved via the CFCFRMS since its inception for over 24.65 lakh complaints. The national cybercrime helpline (1930) receives close to 10,000 calls daily, while the Suspect Registry has enabled the rejection of 9,519 crore via the detection of 23.05 lakh suspect entities and 27.37 lakh mule accounts. In parallel, the CyTrain platform has expanded training by registering 151,081 police and judicial officers and issuing 142,025 certificates. Cyberforensic labs in all 33 States and Union Territories have received central assistance totalling 132.93 crore, and data-driven interstate crime analytics and offender linkages through the Samanvaya and Pratibimb platforms have led to 21,857 arrests.
‍

Ecosystem Gaps
‍

Through I4C, CFCFRMS, CyTrain, and the establishment of forensic infrastructure in states, India’s cybercrime ecosystem has greatly grown. But due to the rapid proliferation of cybercrime, systemic shortcomings are revealed regarding the restoration of victims, investigation, forensic capacity, cross-border enforcement, awareness, and stakeholder coordination:

• Victim Restitution Deficit: Although the total of ₹ 8,690 crore frozen has increased, the refund for victim compensation is limited to only ₹ 167 crore (2.18%) due to lengthy restoration processes relying on court orders.
• Forensic Capacity Limitations: 2 national, state-level, unevenly equipped cyber forensic labs can’t match the needs of over 10 million cybercrime complaints per year.
• Low conviction rate: The investigations of cybercrimes suffer from evidence collection and criminal proceedings, leading to limited conviction rates.
• Cross-border enforcement challenges: Many of the investment and digital arrest scams, in fact, are originating from Cambodia, Myanmar, and Laos, rendering the cybercrime response mechanisms of India helpless.
• Lack of Awareness: First-time digital users are quite prone to online scams and fraud, and many of the victims continue not reporting due to social stigma and lack of confidence.
• Partial Stakeholder Integration: Banks and small financial institutions, small companies, and emerging virtual asset providers not yet on board allow the money to slip through without being tracked.

CyberPeace Insights: Strategic Way Forward
‍

India has already built a relatively mature response structure for cybercrime with I4C, CFCFRMS, and CyTrain and is coordinating the financial sector on it. The way ahead lies in outcome-oriented improvements and not just in the ability to report and intercept more. Here are the priority interventions that address the most important institutional shortcomings identified in the current ecosystem:

• Fast-track victim restoration: Introduce time-bound victim restoration mechanisms for low-value incidents through simplified processes and mandate national-level roll-out of successful Lok Adalat-based settlement mechanisms.
• District-level cyber forensics: Establish cyber forensic support units at the district level and enhance access to mobile, cloud, and blockchain forensic capabilities.
• AI-powered fraud prevention: Mandate deep-fake and voice-clone detection mechanisms across all financial institutions and telecom networks; embed predictive risk analytics into transaction screening frameworks.
• Cyber Suraksha Gram initiative: Increase digital fraud awareness across all common service centres, Jan Dhan enrollment schemes, and rural banking channels, and tackle the awareness asymmetry.
• Regional cybercrime coordination: Establish real-time, operational intelligence-sharing mechanisms with Southeast Asian economies, which have become home to large scam networks preying on Indian citizens.
• Specialised cyber prosecution ecosystem: Develop exclusive cyber courts, standardise digital evidence procedures, and broaden the scope of CyTrain to include the development of specialised cadres of investigators and prosecutors capable of handling increasingly complex cybercrime cases.

Conclusion
‍

The 22,812 crore lost due to cybercrime in 2024 was more than a mere figure; it signifies a serious concern regarding citizen trust, economic security, and digital inclusion. Though India's institutional response to cybercrime is one of the largest, with an operational I4C and a CFCFRMS functioning in real time, the victim compensation and prosecution mechanism falls short. It's time for implementation: faster recovery of resources, increased enforcement, a larger scale of awareness, and finally, translating the institutional innovations into concrete justice for victims nationwide.

References
‍

1. https://sansad.in/getFile/annex/270/AU1341_tmaxdx.pdf?source=pqars
2. https://www.mha.gov.in/MHA1/Par2017/pdfs/par2025-pdfs/LS02122025/452.pdf
3. https://www.pib.gov.in/PressReleasePage.aspx?PRID=2244504&reg=3&lang=2
4. https://static.pib.gov.in/WriteReadData/specificdocs/documents/2025/oct/doc2025107659501.pdf
5. https://www.medianama.com/2025/08/223-india-cybercrime-500-percent-increase-2021-2024/
6. https://theprint.in/india/cybercrime-saw-24-spike-in-2025-indians-lost-rs-22495-crore-mainly-in-investment-scams/2859930/

‍

‍

Introduction

‍
In today’s digital era, warfare is being redefined. Defence Minister Rajnath Singh recently stated that “we are in the age of Grey Zone and hybrid warfare where cyber-attacks, disinformation campaigns and economic warfare have become tools to achieve politico-military aims without a single shot being fired.” The crippling cyberattacks on Estonia in 2007, Russia’s interference in the 2016 US elections, and the ransomware strike on the Colonial Pipeline in the United States in 2021 all demonstrate how states are now using cyberspace to achieve strategic goals while carefully circumventing the threshold of open war.

Legal Complexities: Attribution, Response, and Accountability

‍

Grey zone warfare challenges the traditional notions of security and international conventions on peace due to inherent challenges such as :

• Attribution
  The first challenge in cyber warfare is determining who is responsible. Threat actors hide behind rented botnets, fake IP addresses, and servers scattered across the globe. Investigators can follow digital trails, but those trails often point to machines, not people. That makes attribution more of an educated guess than a certainty. A wrong guess could lead to misattribution of blame, which could beget a diplomatic crisis, or worse, a military one.
• Proportional Response
  Even if attribution is clear, designing a response can be a challenge. International law does give room for countermeasures if they are both ‘necessary’ and ‘proportionate’. But defining these qualifiers can be a long-drawn, contested process. Effectively, governments employ softer measures such as protests or sanctions, tighten their cyber defences or, in extreme cases, strike back digitally.
• Accountability
  States can be held responsible for waging cyber attacks under the UN’s Draft Articles on State Responsibility. But these are non-binding and enforcement depends on collective pressure, which can be slow and inconsistent. In cyberspace, accountability often ends up being more symbolic than real, leaving plenty of room for repeat offences.

International and Indian Legal Frameworks

‍

Cyber law is a step behind cyber warfare since existing international frameworks are often inadequate. For example, the Tallinn Manual 2.0, the closest thing we have to a rulebook for cyber conflict, is just a set of guidelines. It says that if a cyber operation can be tied to a state, even through hired hackers or proxies, then that state can be held responsible. But attribution is a major challenge. Similarly, the United Nations has tried to build order through its Group of Governmental Experts (GGE) that promotes norms like “don’t attack. However, these norms are not binding, effectively leaving practice to diplomacy and trust.

India is susceptible to routine attacks from hostile actors, but does not yet have a dedicated cyber warfare law.  While Section 66F of the IT ACT, 2000, talks about cyber terrorism, and Section 75 lets Indian courts examine crimes committed abroad if they impact India,  grey-zone tactics like fake news campaigns, election meddling, and influence operations fall into a legal vacuum.

Way Forward

‍

• Strengthen International Cooperation
  Frameworks like the Tallinn Manual 2.0 can form the basis for future treaties. Bilateral and multilateral agreements between countries are essential to ensure accountability and cooperation in tackling grey zone activities.
• Develop Grey Zone Legislation
  India currently relies on the IT Act, 2000, but this law needs expansion to specifically cover grey zone tactics such as election interference, propaganda, and large-scale disinformation campaigns.
• Establish Active Monitoring Systems
  India must create robust early detection systems to identify grey zone operations in cyberspace. Agencies can coordinate with social media platforms like Instagram, Facebook, X (Twitter), and YouTube, which are often exploited for propaganda and disinformation, to improve monitoring frameworks.
• Dedicated Theatre Commands for Cyber Operations
  Along with the existing Defence Cyber Agency, India should consider specialised theatre commands for grey zone and cyber warfare. This would optimise resources, enhance coordination, and ensure unified command in dealing with hybrid threats.

Conclusion

‍

Grey zone warfare in cyberspace is no longer an optional tactic used by threat actors but a routine activity. India lacks the early detection systems, robust infrastructure, and strong cyber laws to counter grey-zone warfare. To counter this, India needs sharper attribution tools for early detection and must actively push for stronger international rules in this global landscape. More importantly, instead of merely blaming without clear plans, India should focus on preparing for solid retaliation strategies. By doing so, India can also learn to use cyberspace strategically to achieve politico-military aims without firing a single shot.

References

‍

• Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations (Michael N. Schmitt)
• UN Document on International Law in Cyberspace (UN Digital Library)
• NATO Cyber Defence Policy
• Texas Law Review: State Responsibility and Attribution of Cyber Intrusions
• Deccan Herald: Defence Minister on Grey Zone Warfare
• VisionIAS: Grey Zone Warfare
• Sachin Tiwari, The Reality of Cyber Operations in the Grey Zone

‍

Amid reports of widespread protests in Iran over the past two weeks, a video showing protesters setting cars on fire is being widely shared on social media with claims that it depicts recent unrest in the country.

However, research by Cyber Peace Foundation has found the viral claim to be false. Our resarch shows that the video is not from Iran, but from violent protests that took place near the Turkish Consulate in Thessaloniki, Greece, on November 1, 2025.

‍

Claim:

‍

On January 11, 2026, users on social media platform X (formerly Twitter) shared the viral video claiming it showed massive anti-regime protests in Iran. One such post alleged:

“1.5–1.85 million Iranians are fighting on the streets tonight. 180 cities are burning… The revolution has spread. Iranians have decided to continue this fight for freedom until Iran becomes free from Islamic rule.”

The post’s link and archived version can be seen below: (Link and archive link)

‍

• https://x.com/TigerRajaSinggh/status/2010194257978765485 
• https://archive.ph/6tYog 

‍

Fact Check:

‍

To verify the claim, we extracted keyframes from the viral video and conducted a Google Reverse Image Search. During this process, we found the same video uploaded on Instagram on November 2, 2025, well before the recent protests in Iran. (Link): https://www.instagram.com/reel/DQjRtCOjOPM/ 

‍

‍

‍

Further analysis revealed that the video was uploaded from a Greek Instagram account, indicating that the visuals are unrelated to Iran.

It is important to note that while protests in Iran have been ongoing for the past two weeks, the viral video has been circulating on the internet since early November 2025, establishing a clear timeline mismatch.

A keyword search led us to a report published on November 2, 2025, by Ekathimerini, a leading Greek media outlet. The report detailed violent clashes that erupted in Thessaloniki following a concert by Greek rapper Lex.

‍

According to the report:

‍

Police in Thessaloniki detained 18 people and arrested one individual on drug-related charges. The unrest began when a group attacked police forces stationed outside the Turkish Consulate. During the clashes, six cars were damaged, two of them completely burned, along with a garbage bin. ( report link and screenshot)

‍

https://www.ekathimerini.com/news/1285560/eighteen-detained-one-arrested-after-clashes-following-concert-in-thessaloniki/?utm_source=dlvr.it&utm_medium=facebook 

‍

‍

‍

In the next stage of the investigation, we found similar visuals to the viral video on a YouTube channel named “Taifer”, where the footage was published on November 2, 2025. The link to the post and its screenshot can be seen below.

‍

(YouTube link): https://www.youtube.com/watch?v=TejETjQRmTQ 

‍

‍

To strengthen our findings, we conducted a geolocation analysis of the video. By comparing road layouts, surrounding buildings, light poles, and other visual markers with online maps and images, we confirmed that the location shown in the video matches Agios Dimitriou Street in Thessaloniki, Greece.

(Location link)

• https://www.google.com/maps/@40.6347331,22.9554444,3a,75y,37.28h,80.17t/data=!3m7!1e1!3m5!1s2H9zH20LJ1kWuWYQH46fHg!2e0!6shttps:%2F%2Fstreetviewpixels-pa.googleapis.com%2Fv1%2Fthumbnail%3Fcb_client%3Dmaps_sv.tactile%26w%3D900%26h%3D600%26pitch%3D9.829999999999998%26panoid%3D2H9zH20LJ1kWuWYQH46fHg%26yaw%3D37.28!7i16384!8i8192?entry=ttu&g_ep=EgoyMDI2MDEwNy4wIKXMDSoKLDEwMDc5MjA2N0gBUAM%3Dस 

‍

‍

Our research clearly establishes that the viral video being shared as footage of recent protests in Iran is misleading. The video actually shows violent demonstrations near the Turkish Consulate in Thessaloniki, Greece, on November 1, 2025, and has no connection to the current situation in Iran.

‍