#FactCheck: Beware of Fake Emails Distributing Fraudulent e-PAN Cards

Introduction

In the advanced age of digitalization, the user base of Android phones is high. Our phones have become an integral part of our daily life activities from making online payments, booking cabs, playing online games, booking movie & show tickets, conducting online business activities, social networking, emailing and communication, we utilize our mobile phone devices. The Internet is easily accessible to everyone and offers various convenient services to users. People download various apps and utilize various services on the internet using their Android devices. Since it offers convenience, but in the growing digital landscape, threats and vulnerabilities have also emerged. Fraudsters find the vulnerabilities and target the users. Recently, various creepy online scams such as AI-based scams, deepfake scams, malware, spyware, malicious links leading to financial frauds, viruses, privacy breaches, data leakage, etc. have been faced by Android mobile users. Android mobile devices are more prone to vulnerabilities as compared to iOS. However, both Android and iOS platforms serve to provide safer digital space to mobile users. iOS offers more security features. but we have to play our part and be careful. There are certain safety measures which can be utilised by users to be safe in the growing digital age.

‍

User Responsibility: 

Law enforcement agencies have reported that they have received a growing number of complaints showing malware being used to compromise Android mobile devices. Both the platforms, Android and Google, have certain security mechanisms in place. However, cybersecurity experts emphasize that users must actively take care of safeguarding their mobile devices from evolving online threats. In this era of evolving cyber threats, being precautious and vigilant and personal responsibility for digital security is paramount.

‍

Being aware of evolving scams

1. Deepfake Scams: Deepfake is an AI-based technology. Deepfake is capable of creating realistic images or videos which in actuality are created by machine algorithms. Deepfake technology, since easily accessible, is misused by fraudsters to commit various cyber crimes or deceive and scam people through fake images or videos that look realistic. By using the Deepfake technology, cybercriminals manipulate audio and video content which looks very realistic but, in actuality, is fake. 
2. Voice cloning: To create a voice clone of anyone's, audio can be deepfaked too, which closely resembles a real one but, in actuality, is a fake voice created through deepfake technology. Recently, in Kerala, a man fell victim to an AI-based video call on WhatsApp. He received a video call from a person claiming to be his former colleague. The scammer, using AI deepfake technology, impersonated the face of his former colleague and asked for financial help of 40,000. 
3. Stalkerware or spyware: Stalkware or spyware is one of the serious threats to individual digital safety and personal information. Stalkware is basically software installed into your device without your consent or knowledge in order to track your activities and exploit your data. Stalkware, also referred to as spyware, is a type of malicious software secretly installed on your device without your knowledge. Its purpose is to track you or monitor your activities and record sensitive information such as passwords, text messages, GPS location, call history and access to your photos and videos. Cybercriminals and stalkers use this malicious software to unauthorisedly gain access to someone's phone devices.

‍

Best practices or Cyber security tips:

• Keep your software up to date: Turn on automatic software updates for your device and make sure your mobile apps are up to date.
• Using strong passwords: Use strong passwords on your lock/unlock and on important apps on your mobile device.
• Using 2FA or multi-factor authentication: Two-factor authentication or multi-factor authentication provides extra layers of security. Be cautious before clicking on any link and downloading any app or file: Users are often led to click on malicious online links. Scammers may present such links to users through false advertisements on social media platforms, payment processes for online purchases, or in phone text messages. Through the links, victims are led either to phishing sites to give away personal data or to download harmful Android Package Kit (APK) files used to distribute and install apps on Android mobile phones.‍
• Secure Payments: Do not open any malicious links. Always make payments from secure and trusted payment apps.  Use strong passwords for your payment apps as well. And secure your banking credentials.‍
• Safe browsing: Pay due care and attention while clicking on any link and downloading content. Ignore the links or attachments of suspicious emails which are from an unknown sender. ‍
• Do not download third-party apps: Using an APK file to download a third-party app to an Android device is commonly known as sideloading. Be cautious and avoid downloading apps from third-party or dubious sites. Doing so may lead to the installation of malware in the device, which in turn may result in confidential and sensitive data such as banking credentials being stolen. Always download apps only from the official app store.‍
• App permissions: Review app permission and only grant permission which is necessary to use that app. ‍
• Do not bypass security measures: Android offers more flexibility in the mobile operating system and in mobile settings. For example, sideloading of apps is disabled by default, and alerts are also in place to warn users. However, an unwitting user who may not truly understand the warnings may simply grant permission to an app to bypass the default setting.‍
• Monitoring: Regularly monitor your devices and system logs for security check-ups and for detecting any suspicious activity.‍
• Reporting online scams: A powerful resource available to victims of cybercrime is the National Cyber Crime Reporting Portal, equipped with a 24x7 helpline number, 1930. This portal serves as a centralized platform for reporting cybercrimes, including financial fraud.

‍

Conclusion:

The era of digitalisation has transformed our lives, with Android phones becoming an integral part of our daily routines. While these devices offer convenience, they also expose us to online threats and vulnerabilities, such as scams like deepfake technology-based scams, voice clones, spyware, malware, and malicious links that can lead to significant financial and privacy breaches. Android devices might be more susceptible to such scams. By being aware of emerging scams like deepfakes, spyware, and other malicious activities, we can take proactive steps to safeguard our digital lives. Our mobile devices remain as valuable assets for us. However, they are also potential targets for cybercriminals. Users must remain proactive in protecting their devices and personal data from potential threats. By taking personal responsibility for our digital security and following these best practices, we can navigate the digital landscape with confidence, ensuring that our Android phones remain powerful tools for convenience and connection while keeping our data and privacy intact and staying safe from online threats and vulnerabilities.

‍

References: 

https://www.todayonline.com/singapore/explainer-why-android-devices-prone-online-scams-users-guard-against-it-2252066

‍

Introduction

The Department of Telecommunications (DoT) changed course just 48 hours after the directive dated December 1, 2025,  sparked controversy. On December 3, 2025, the department publicly reversed its directive to smartphone manufacturers to pre-install the Sanchar Saathi app starting in March of the following year. The withdrawal marked the ending of a tumultuous, quick-paced event that highlighted how dynamic digital policy can be in a democracy. 

‍

The DoT explained its move in calculated terms. The government said that the first mandate was no longer necessary due to an abrupt increase in voluntary app downloads brought on by the public furore. The agency stated , “The mandate to install the app was meant to accelerate the process because the number of users has been growing rapidly.”

‍

The app in question is not new. When it was first introduced in 2023, it was intended to be a public safety where people could report suspicious calls, identify numbers registered in their name, block stolen devices using their IMEI, confirm the authenticity of their handset, and report fraudulent international calls that were disguised as Indian numbers. The platform has quietly expanded over the past two years with features like utilities to check mobile connections, as well as Chakshu for reporting fraud. When used freely, it has helped numerous people in navigating the increasingly complex web of online scams. 

‍

Balancing Protection and Personal Freedom

In India, there isn’t much precedent for requiring all phones to have a certain government backed app installed. While operators supported TRAI’s DND app in 2018 and emergency numbers were integrated during the pandemic, they did not go into the territory of compulsory pre-installation.

‍

Legal experts have time and again pointed out that although the government can control telecommunications for security reasons, any mandatory action pertaining to personal devices may be subject to constitutional review under the right to privacy, as stated in the Puttaswamy ruling. Not because the app is flawed in and of itself, but rather because every transition from voluntary adoption to mandatory compliance necessitates a higher standard of necessity, proportionality, and protections.  

‍

The Pulse of the Policy

The DoT’s stated rationale was clear: fake, duplicated or spoofed IMEIs represent a major cyber-security threat. India currently faces some of the world’s highest levels of SIM misuse, digital impersonation, online extortion, and device cloning crimes. Even a small fraction of compromised devices can do great harm in a nation with over a billion active mobile users.

‍

The DoT’s AI and Digital Intelligence Unit, a small seven-person team in charge of SIM security, fighting illicit telecom setups, and collaborating with financial regulators on quickly changing fraud patterns, issued the Sanchar Saathi directive as part of a larger set of security-focused measures. One order required platforms such as WhatsApp to make sure that web sessions were terminated after six hours and that accounts only functioned when the registered SIM card was present in the device.

‍

When taken as a whole, these orders indicate a clear strategic goal, the government is working to close systemic gaps that organised crime, particularly identity theft and device-level fraud, exploits. However, they also highlight the complex relationship between public opinion and security requirements. The government’s quick reversal in the Sanchar Saathi case demonstrated a crucial realization: digital safety mechanisms can only be effective when people feel educated, valued, and in charge. 

‍

CyberPeace Perspective & The Middle Path

CyberPeace stated that whenever a digital tool comes into contact with identity, data, or mobile access, public concern is inevitable. However, it is also emphasised that Sanchar Saathi is not a surveillance tool, instead can empower citizens. 

Even with the rolled back mandate, it is reaffirmed that cornerstones of digital trust are accountability, openness, audits, and unambiguous permissions. India can maintain both safety and rights through responsible implementation, ethical design, and open communication. 

‍

References

1. https://www.thehindu.com/sci-tech/technology/what-is-the-sanchar-saathi-app-why-is-the-government-mandating-its-pre-installation/article70350322.ece
2. https://theprint.in/opinion/sharp-edge/sanchar-saathi-app-modi-govt/2797917/ 
3. https://www.pib.gov.in/PressReleasePage.aspx?PRID=2198110&reg=3&lang=2 
4. https://sancharsaathi.gov.in/SancharSaathiDocuments/ImportantDocuments/DoT%20issues%20directions%20for%20pre-installation%20of%20Sanchar%20Saathi%20App%20in%20mobile%20handsets%20to%20verify%20the%20genuineness%20of%20mobile%20handsets.pdf 
5. https://cyberpeace.org/resources/blogs/sanchar-saathi-portal-a-solution-for-mobile-phone-theft-and-data-protection
6. https://cyberpeace.org/resources/blogs/chakshu-and-dip-shielding-citizens-from-online-frauds
7. https://cyberpeace.org/resources/blogs/financial-risk-indicator-launched-by-dot-to-strengthen-cybersecurity

‍

Introduction

There is a rising desire for artificial intelligence (AI) laws that limit threats to public safety and protect human rights while allowing for a flexible and inventive setting. Most AI policies prioritize the use of AI for the public good. The most compelling reason for AI innovation as a valid goal of public policy is its promise to enhance people's lives by assisting in the resolution of some of the world's most difficult difficulties and inefficiencies and to emerge as a transformational technology, similar to mobile computing. This blog explores the complex interplay between AI and internet governance from an Indian standpoint, examining the challenges, opportunities, and the necessity for a well-balanced approach.

Understanding Internet Governance

Before delving into an examination of their connection, let's establish a comprehensive grasp of Internet Governance. This entails the regulations, guidelines, and criteria that influence the global operation and management of the Internet. With the internet being a shared resource, governance becomes crucial to ensure its accessibility, security, and equitable distribution of benefits.

The Indian Digital Revolution

India has witnessed an unprecedented digital revolution, with a massive surge in internet users and a burgeoning tech ecosystem. The government's Digital India initiative has played a crucial role in fostering a technology-driven environment, making technology accessible to even the remotest corners of the country. As AI applications become increasingly integrated into various sectors, the need for a comprehensive framework to govern these technologies becomes apparent.

AI and Internet Governance Nexus

The intersection of AI and Internet governance raises several critical questions. How should data, the lifeblood of AI, be governed? What role does privacy play in the era of AI-driven applications? How can India strike a balance between fostering innovation and safeguarding against potential risks associated with AI?

• AI's Role in Internet Governance: 

Artificial Intelligence has emerged as a powerful force shaping the dynamics of the internet. From content moderation and cybersecurity to data analysis and personalized user experiences, AI plays a pivotal role in enhancing the efficiency and effectiveness of Internet governance mechanisms. Automated systems powered by AI algorithms are deployed to detect and respond to emerging threats, ensuring a safer online environment.

A comprehensive strategy for managing the interaction between AI and the internet is required to stimulate innovation while limiting hazards. Multistakeholder models including input from governments, industry, academia, and civil society are gaining appeal as viable tools for developing comprehensive and extensive governance frameworks.

The usefulness of multistakeholder governance stems from its adaptability and flexibility in requiring collaboration from players with a possible stake in an issue. Though flawed, this approach allows for flaws that may be remedied using knowledge-building pieces. As AI advances, this trait will become increasingly important in ensuring that all conceivable aspects are covered.

The Need for Adaptive Regulations

While AI's potential for good is essentially endless, so is its potential for damage - whether intentional or unintentional. The technology's highly disruptive nature needs a strong, human-led governance framework and rules that ensure it may be used in a positive and responsible manner. The fast emergence of GenAI, in particular, emphasizes the critical need for strong frameworks. Concerns about the usage of GenAI may enhance efforts to solve issues around digital governance and hasten the formation of risk management measures.

Several AI governance frameworks have been published throughout the world in recent years, with the goal of offering high-level guidelines for safe and trustworthy AI development. The OECD's "Principles on Artificial Intelligence" (OECD, 2019), the EU's "Ethics Guidelines for Trustworthy AI" (EU, 2019), and UNESCO's "Recommendations on the Ethics of Artificial Intelligence" (UNESCO, 2021) are among the multinational organizations that have released their own principles. However, the advancement of GenAI has resulted in additional recommendations, such as the OECD's newly released "G7 Hiroshima Process on Generative Artificial Intelligence" (OECD, 2023).

Several guidance documents and voluntary frameworks have emerged at the national level in recent years, including the "AI Risk Management Framework" from the United States National Institute of Standards and Technology (NIST), a voluntary guidance published in January 2023, and the White House's "Blueprint for an AI Bill of Rights," a set of high-level principles published in October 2022 (The White House, 2022). These voluntary policies and frameworks are frequently used as guidelines by regulators and policymakers all around the world. More than 60 nations in the Americas, Africa, Asia, and Europe had issued national AI strategies as of 2023 (Stanford University).

Conclusion

Monitoring AI will be one of the most daunting tasks confronting the international community in the next centuries. As vital as the need to govern AI is the need to regulate it appropriately. Current AI policy debates too often fall into a false dichotomy of progress versus doom (or geopolitical and economic benefits versus risk mitigation). Instead of thinking creatively, solutions all too often resemble paradigms for yesterday's problems. It is imperative that we foster a relationship that prioritizes innovation, ethical considerations, and inclusivity. Striking the right balance will empower us to harness the full potential of AI within the boundaries of responsible and transparent Internet Governance, ensuring a digital future that is secure, equitable, and beneficial for all.

References

1. The Key Policy Frameworks Governing AI in India - Access Partnership
2. AI in e-governance: A potential opportunity for India (indiaai.gov.in)
3. India and the Artificial Intelligence Revolution - Carnegie India - Carnegie Endowment for International Peace
4. Rise of AI in the Indian Economy (indiaai.gov.in)
5. The OECD Artificial Intelligence Policy Observatory - OECD.AI
6. Artificial Intelligence | UNESCO
7. Artificial intelligence | NIST