#FactCheck : Iraq Religious Gathering Video Misused as Khamenei Funeral Footage

Introduction
‍

Rapid growth in India’s Digital Economy has opened up various options for companies to utilise digital technology as part of their operations. Examples of these technologies include cloud computing; online payment systems; digitally enabled supply chains; and platforms that facilitate remote working. As small and medium enterprises(SMEs) represent a major part of India’s economy, they have quickly been able to capitalise on the benefits these technologies provide in improving their operational efficiency and developing an increased presence within the market. However, this rapid pace of digitalisation creates an exposure to a much greater breadth of cyber-security threats than ever for SMEs. Today, perhaps the greatest cyber-threat facing SMEs in India is ransomware, an increasing frequent type of cyber-attack that has been increasing on a global scale over the past few years and in response, there have been numerous initiatives by various government agencies, industry organisations, and cyber-security firms designed to educate the general public on the risks of ransomware. 

What is Ransomware?
‍

Ransomware is a type of malware, which prevents all users being able to access their file system or access their data until they pay a ransom. In a standard ransomware event an attacker will breach the company's network, and encrypt all critical files so that they are unable to be used. The attacker usually demands payment in bitcoin because it is a difficult trace  and promises to provide a key to unlock the data in exchange for the payment. Attackers gain access to company networks by using social engineering techniques such as phishing email, stolen password, or exploiting an unpatched vulnerability in the software that is running on the company's network. 
‍

The Rising Threat of Ransomware
‍

Cybercriminals have created one of the most destructive varieties of cybercrimes around the world through ransomware; while experts in the cybersecurity field project losses to global ransomware damage may reach $30 billion by 2025. There has also been a marked increase in SMEs being attacked by ransomware-based cybercriminals throughout India. NASSCOM has done research and found that many SMEs in India have experienced attempted ransomware attacks in the past few years alone. According to incident reports provided through CERT-In, there has been a noticeable increase in the number of cybercrime occurrences throughout different sectors of India’s economy since those reports began. These developments have shown an increase in the size and level of sophistication of ransomware related threats.
‍

Why Indian SMEs Remain Vulnerable Despite Awareness
‍

Despite increased awareness about cyber threats, there is a large number of Indian SMEs that continue to be vulnerable to ransomware. The main reason is financial limitations. Many small businesses typically have limited financial resources and those limited resources more often than not, go towards operations, including production, logistics, and marketing - cybersecurity costs are usually viewed as additional costs.

Another significant problem facing SMEs is a shortage of skilled cybersecurity professionals. Large enterprises typically have dedicated security teams responsible for protecting the enterprise, whereas SMEs will employ IT staff generally without any specific expertise in detecting/countering cyber threats. Human error are also significant contributors to these cyber incursion events. An employee can inadvertently click on an email link or download an infected attachment, or use a weak password - all of which could provide opportunities for cybercriminals to access the company's network. Phishing emails continue to be the most common approach for initiating ransomware.

Furthermore - many SMEs have implemented digital platforms, such as cloud-based applications and payment processing, without appropriately executing cybersecurity planning prior to implementation. Many of the issues that have arisen from such rapid digitisation are due to a lack of sufficient planned cybersecurity measures as part of the implementation process. This has also resulted in a situation where technological advancements such as Ransomware as a Service (RaaS) have created an even larger pool of potential perpetrators (cybercriminals) with little-to-no expertise being able to launch a widespread ransomware campaign using readily available/pre-manufactured tools.
‍

Real-World Cyber Incidents Affecting Indian SMEs
‍

As several examples recently demonstrate, Indian SMEs continue to experience significant cyber attack risks. Recently, a logistics firm located in Gurugram found itself locked out of nearly 4,000 shipments due to a ransomware attack, which cost them ₹12 lakhs to fix because they had poor backups and another incident in Gurugram which highlights how vulnerable many SMEs in the country continue to be to ransomware attacks. In the case of a garments company, a hacker compromised the company's server by placing ransomware on its system. The company was forced to shut down its computerised warehouse system as a result of the attack. Only after the company had lost access to its system, did it receive a ransom demand from the hacker, in the form of an email requesting payment of 15 bitcoins (approximately ₹25 lakh), in order for the hacker to restore the company's access to the system. The hacker also threatened to delete the company's financial and banking records if the ransom were not paid. Gurgaon Police's Cyber Cell received the report of the incident, and registered a first information report (FIR) against unknown hackers. The case represents an opportunity for SMEs to evaluate the risks associated with ransomware.

‍

Bridging the Gap Between Awareness and Implementation
‍

Although awareness campaigns can show organisations what types of cybersecurity risks they’re exposed to, these campaigns will not keep businesses from being victims of a ransomware attack by themselves.. The most critical step forward is the implementation of the principles of cybersecurity from an understanding viewpoint to that of an active action. Organisations need to go beyond being aware of the risks related to cyber and then put measures in place to mitigate those risks.

To improve cybersecurity, organisations may need to spend money on developing and maintaining systems; set up regular training for employees on handling cyber threats and implementing an incident response plan to address security incidents; back up data regularly; maintain the hardware and software used in the organisation's computer systems at least once a month (or more often if necessary); and monitor all aspects of its computer systems continuously for weaknesses or problems.
‍

The Way Forward: Strengthening SME Cybersecurity
‍

In order to truly address the ransomware threat, collaboration by businesses, government agencies and cyber security professionals is mandatory. One of the biggest roles in this collaboration is through governmental initiatives to enhance the overall level of awareness of digital security among SMEs (small to medium-sized enterprises). Improved SME understanding of cyber risks will be based on the availability of affordable security solutions that are specifically tailored for small businesses.

Industry partnerships as well as public-private partnerships also aid the sharing of threat intelligence to strengthen collaborative defense against all cybercriminal activity.
‍

Conclusion
‍

Despite Indian SMEs being aware of cyber threats, they have been unable to implement safeguards or Cyber Security plans due to limited financial resources, insufficient qualified personnel, human errors, and the rapid pace at which digital technology is being adopted without adequate Cyber Security measures. In order to respond effectively to the growing threat of Ransomware, Indian SMEs must evolve from being aware of cyber threats to proactively developing Cyber Security strategies that will allow them to prevent, prepare for, and recover from the increased cyber threat posed by the rapidly growing digitalisation of business within an increasingly globalised economy.
‍

References 
‍

1. https://www.ibm.com/think/topics/ransomware
2. https://primeinfoserv.com/indias-sme-cybersecurity-crisis-real-incidents-real-lessons-2024-2025/
3. https://timesofindia.indiatimes.com/city/gurgaon/ransomware-attack-on-apparel-firm-all-data-lost/articleshow/59496777.cms#
4. https://ciso.economictimes.indiatimes.com/news/cybercrime-fraud/indian-businesses-face-nearly-700-ransomware-attacks-per-day-kaspersky/120471668
5. https://smestreet.in/msmenews/indian-smes-remain-alarmingly-exposed-to-ransomware-threats-sophos-report-2025-9456628
6. https://m.economictimes.com/news/how-to/how-can-indian-smes-combat-ransomware-attacks/articleshow/108047111.cms

‍

Executive Summary:

The internet is a nest of scams and there's much need to be careful with predatory ideas that prey on the naïve people. Within the recent days, a malicious campaign has emerged falsely alleging 28 day free recharge by courtesy of the Prime Minister Narendra Modi. This blog seeks to analyze the tactics used by this scam in luring the victims and give an overview on how one can identify and keep away from such fraudulent activities.

Claim:

In view of the increasing support for the BJP 2024 election, a rumor has allegedly claimed that the Prime Minister Narendra Modi offering a free recharge with a validity period of up-to twenty eight days at cost of ₹239  to all Indian users. The message encourages the users to click on a given link in order to redeem the free recharge, pointing out that this offer is valid until January 26th of 2024.

The Deceptive Journey:

• Insecure Links:The research begins with a suspicious link (http://offerintro[.]com/BJP2024), without any credibility that honest sites use to protect the user information. We should keep in mind that the links which aren’t secure may easily lead to phishing and other  cyber threats.
• Multiple Redirects:When users click the link, they are immediately directed through a series of links. This common tactic used by scammers is designed to hide the true origin of their fraudulent scheme, making it difficult for users' efforts to identify the malicious activity.
• False Promises and Fake Comments:The landing page has a banner of the Prime Minister Narendra Modi that makes it look like this is an official channel and hence authentic. Further, false comments can be also included to compliment the alleged initiative. But remember that genuine government announcements are made through legal channels, not by the shady websites.
• Mobile Number Request:As the next step, the users enter their mobile numbers in the specified field. True initiatives never really need the personal information to pass through unofficial lines. This is actually a trick that scammers use to acquire the important information.
• Share to Activate:Once a user has entered the mobile number, he/she is prompted to share the link with others in order to “activate” promised free recharge. This method is most often used by scammers for spreading their fraudulent message beyond the targeted victim.
• Fake Progress Display:When the users have done their part by sharing the link, a false recharge in progress  bar is shown to make them believe that it has started. But the consumers are unwittingly playing a part in the fraud.
• Recharge Completion Pop-up:The last stage of fraud includes a pop-up saying that the recharge is done; leaving users with the false belief that they have benefited from a legitimate government initiative.

What we Analyze :

• It is important to note that at this particular point, there has not been any official declaration or a proper confirmation of an offer made by the Prime Minister or from their government. So, people must be very careful when encountering such messages because they are often employed as lures in phishing attacks or misinformation campaigns. Before engaging or transmitting such claims, it is always advisable to authenticate the information from trustworthy sources in order to protect oneself online and prevent the spread of wrongful information.
• The campaign is hosted on a third party domain instead of any official Government Website, this raised suspicion. Also the domain has been registered in very recent times.

‍

‍

• Domain Name: offerintro[.]com
• Registry Domain ID: 2791466714_DOMAIN_COM-VRSN
• Registrar WHOIS Server: whois.godaddy[.]com
• Registrar URL: https://www.godaddy[.]com
• ‍Registrar: GoDaddy[.]com, LLC
• Registrar IANA ID: 146
• Updated Date: 2023-06-18T20:37:20Z
• Creation Date: 2023-06-18T20:37:20Z
• Registrar Registration Expiration Date: 2024-06-18T20:37:20Z
• Name Server: ANAHI.NS.CLOUDFLARE.COM
• Name Server: GARRETT.NS.CLOUDFLARE.COM

CyberPeace Advisory:

• Stay Informed: Beware of the scams and keep yourself updated through authentic government platforms.
• Verify Website Security: Do not get engaged with any insecure HTTP links but focus on URLs that have secure encryption (HTTPS).
• Protect Personal Information: However, be cautious when sharing personal information – especially in a non-official channel.
• Report Suspicious Activity: If you discover any scams or fraudulent activities, report it and the relevant sites to help avoid others from being defrauded of their hard earned money.

Conclusion:

Summing up, Prime Minister Narendra Modi Free Recharge fraud is an excellent illustration that there is always some danger within cyberspace. The way of the method, from insecure links and also multiple redirects to false promises and really data collection make it clear that internet users should be more careful. The importance of staying up-to-date with what is happening in this new digital world, verifying credibility and also privacy are paramount. By being cautiously aware, the people can keep themselves safe from such fraudulent acts and also play a role in ensuring security even for an online world. Remember that an offer which is in a perfect world should be illegal. Therefore, after doing a thorough research we found this campaign to be fake.

‍

Introduction

The Supreme Court of India recently ruled that telecom companies cannot be debarred from reissuing the deactivated numbers to a new subscriber. Notably, such reallocation of deactivated numbers is allowed only after the expiration of the period of 90 days. The Apex Court of India also mentioned that it is the responsibility of the user to delete their associated data with their number or any WhatsApp account data to ensure privacy. The  Centre has recently also blocked 22 apps which were part of unlawful operations including betting and money laundering. Meanwhile, in the digital landscape, the Intervention of legislature and judiciary is playing a key role in framing policies or coming up with guidelines advocating for a true cyber-safe India.  The government initiatives are encouraging the responsible use of technologies and Internet-availed services. 

Supreme Court stated that  telecom companies cannot be barred from reissuing deactivated numbers

Taking note of a petition before the Supreme Court of India, seeking direction from the Telecom Regulatory Authority of India (TRAI) to instruct mobile service providers to stop issuing deactivated mobile numbers, the Apex Court dismissed it by stating that mobile service providers in India are allowed to allocate the deactivated numbers to new users or subscribers but only after 90 days from the deactivation of the number. 

A concern of Breach of Confidential Data

The Court further stated, “It is for the earlier subscriber to take adequate steps to ensure that privacy is maintained.” stating that it is the responsibility of the user to delete their WhatsApp account attached to the previous phone number and erase their data. The Court further added that users need to be aware of the Supreme Court ruling that once the number is deactivated for non-use and disconnection, it can not be reallocated before the expiry of the 90-day period of such deactivation. However, after the allotted time passes, such reallocation of numbers to a new user is allowed.   

MEITY issued blocking orders against 22 illegal betting apps & websites

The government of India has been very critical in safeguarding Indian cyberspace by banning and blocking various websites and apps that have been operating illegally by scamming/dupping people of huge sums of money and also committing cyber crimes like data breaches. In recent developments, the Ministry of Electronic and Information Technology (Meity), on November 5, 2023, banned 22 apps including Mahadev Book and Reddyannaprestopro. The Centre has taken this decision on recommendations from the Enforcement Directorate (ED). ED raids on the Mahadev book app in Chattisgarh also revealed unlawful operations. This investigation has been underway for the past few months by the ED.

Applicable laws to prevent money laundering and the power of government to block such websites and apps

On the other hand, the Prevention of Money Laundering Act (PMLA) 2002 is a legislation already in place which aims to prevent and prosecute cases of money laundering. The government also has the power to block or recommend shutting down websites and apps under section 69A of the Information and Technology Act, 2000, under some specific condition as enumerated in the same.

Conclusion

In the evolving digital landscape, cyberspace covers several aspects while certain regulations or guidelines are required for smooth and secure functioning.  We sometimes change our phone numbers or deactivate them, hence, it is significantly important to delete the data associated with the phone number or any such social media account data attached to it. Hence, such a number is eligible for reallocation to a new or early subscriber after the expiration of a period of 90 days from such deactivation. On the other hand, the centre has also blocked the websites or apps that were found to be part of illegal operations including betting and money laundering. Users have also been advised not to misuse the Internet-availed services. Hence, trying to create a lawful and safe Internet environment for all. 

‍

References:

• https://timesofindia.indiatimes.com/india/cant-bar-telecom-companies-from-reissuing-deactivated-numbers-says-supreme-court/articleshow/104993401.cms
• https://pib.gov.in/PressReleseDetailm.aspx?PRID=1974901#:~:text=Ministry%20of%20Electronics%20and%20Information,including%20Mahadev%20Book%20and%20Reddyannaprestopro