India has faced a significant rise in coordinated threats to airlines, schools, hospitals, five-star hotels this year. These threats were posted on social media or sent through text messages, multiple threat mails that were simultaneously sent to political leaders, authorities and institutions.

This year, between May and November, 900 threatening messages were received by airlines out of which 600 were posted on the social media platform X. CISF has reportedly confirmed that more than 1,000 domestic and international flights were delayed in the last two months alone due to threats that turned out to be hoaxes.

This trend, along with the rise in digital frauds and cybercrimes on a daily basis has been has raised serious concerns about digital security.

Threats are being made through social media platforms using fake identities, multiple email accounts, and anonymized calls via VPN and VOIP technologies, often originating from platforms based outside India in countries like the US and Canada.

In this episode of Checks and Balances, Geetanjali Minhas spoke to experts on the urgent need for enhanced digital security measures and international cooperation to combat the misuse of technology for malicious purposes as well as stronger efforts to identify and prosecute those responsible for such threats.

You can watch the episode here: https://youtu.be/d_NLDSci-7E?si=CjlmzBDeX7MqvKxi
Here is what the experts said:

Praveen Dixit
Former Director General Police, Maharashtra, Special Rapporteur NHRC, Maharashtra & Goa

India is grappling with a sharp rise in hoax threat calls, particularly bomb threats, originating through social media platforms like X (formerly Twitter), Meta (Facebook), WhatsApp, and Instagram. These calls are often made via Voice over Internet Protocol (VoIP), allowing perpetrators to hide their identities and evade detection. The anonymity of these threats complicates efforts by law enforcement agencies to trace and apprehend the culprits.

Despite the government's pressing for better cooperation, social media platforms, particularly those based in the US and Canada, have been slow to act, citing neutrality and reluctance to intervene. This has left platforms struggling to address issues like mass hoax calls, fake accounts, and cybercrimes.

The Bureau of Civil Aviation Security (BCAS) has formed the Bureau of Threat Action Committee (BTAC) to assess threats more efficiently. In October, BTAC identified 510 hoax calls in just 16 days, preventing unnecessary disruptions to aviation. With new protocols in place, BTAC aims to distinguish genuine threats from hoaxes, reducing delays in aviation response.

All countries must comply with international guidelines set by the International Civil Aviation Organization (ICAO), as passengers on flights often represent multiple nations. Past incidents have shown that delays in responding to threats have led to disasters, highlighting the need for prompt action and adherence to ICAO protocols.

What should be done?
If you receive a call or video call, particularly on platforms like WhatsApp, avoid responding immediately. First, verify the number using apps like Truecaller to determine if it’s from a genuine person or a potential scam. If the call appears legitimate, consider calling back instead of responding right away.

If the caller claims to be from law enforcement, stating things like “digital arrest” or threats of warrants, do not fall for these scams as they are entirely false. In case you do engage with such scammers or feel deceived, immediately contact the cybercrime helpline at 1930 or use portals like Chakshu or cybercrime.gov.in.  Additionally, report the incident to your local police or a cyber police station. If money was involved, inform your bank so they can freeze your account and possibly recover the lost funds.

In addition to hoax threats, investment scams and exploitation of Indian youth are becoming major concerns. Victims of such scams often face financial losses, with criminals transferring funds internationally through methods like hawala and cryptocurrencies. In some cases, young Indians are being lured abroad with fake job offers, only to be trapped in exploitative conditions.

The government is urged to bring an ordinance to protect personal data and ensure that any data breaches, whether for commercial or malicious purposes, are met with severe punishment and fines. Individuals should be cautious when asked for personal details, especially during KYC requests, as it's difficult to verify whether the request is legitimate or from a scammer. If a bank asks for such information, customers should verify with their relationship manager before sharing any details or a person can visit the bank branch.

Jiten Jain
Cyber Security Expert, Director, Voyager Infosec  

The current situation appears to be a coordinated threat targeting multiple airlines, schools, hospitals and five-star hotels aimed at spreading mass fear and paranoia to overwhelm systems. These threats do not appear to be work of individuals but are being carried out using proxies, VPNs, and virtual exchanges. This suggests a group of people, possibly backed or mentored by a hostile state, who are behind the attacks and seem more related to national security than cyber fraud.

A system needs to be established to track and regulate calls, especially those originating from unverified VOIP gateways. Telecom operators should be required to block or terminate calls from VOIP services that are not KYC verified or unauthorised. Many scammers use non-verified or personalised VOIP exchanges to make fraudulent calls.

Despite advancements in digital services, India has seen a rise in scams such as OTP frauds and identity thefts, largely due to the lack of cybersecurity education and gaps in the KYC system. Scammers continue to exploit vulnerabilities, creating fake bank accounts or rented mule accounts.

The government’s response to cyber threats has been inadequate, with overwhelmed helplines and agencies struggling to handle the rising volume of complaints. Cybercrime.gov.in and the 1930 helpline are under-resourced, unable to scale to meet the demands of a large population facing growing cyber threats.

There are also significant gaps in the KYC process, particularly with fake SIM cards. For example, when a fake SIM is deactivated by telecom providers, platforms like WhatsApp often remain active on those numbers for months. To address this, it has been suggested that services like WhatsApp should be automatically disconnected once a SIM is deactivated, and users should undergo re-KYC to continue using the platform.

Moreover, when mobile numbers linked to bank accounts are changed, re-KYC should be mandatory, but this is often not enforced. Banks and financial institutions need to track the flow of funds through KYC-verified accounts and take accountability for fraudulent transactions. There are concerns about possible collusion between criminals and bank employees, further complicating the issue. The lack of a robust regulatory and banking system exacerbates the persistence of these scams.

In today's digital age, people often share their personal data—such as email addresses and mobile numbers—with businesses and services without fully understanding the risks. This information is frequently accessed by hackers or sold in bulk on the dark web, for as little as Rs 15,000-20,000.  This widespread data exposure puts society at significant risk, where personal information is linked to services like WhatsApp and banking accounts.

While many individuals are aware of these threats, a general sense of indifference prevails, with most failing to take proactive measures to protect their data. To address this, it is crucial for financial institutions, particularly banks, to be held accountable when individuals lose money due to fraud. If banks face financial consequences for such losses, it would incentivise them to improve security protocols and adopt stronger safeguards.

Despite registration on the Do Not Disturb (DND) list, many people still receive spam messages daily, highlighting a failure in the regulatory system. The Telecom Regulatory Authority of India (TRAI) needs to take more robust action to address this issue. Although there have been initiatives to organise bank and national numbers into specific formats, these measures should have been implemented years ago.

There is also a stark disparity in how financial fraud is handled based on socio-economic status. While wealthy individuals and large banks can quickly escalate cases, rural citizens, such as farmers who lose a small amount of money—often their entire life savings—face barriers in getting their complaints registered or investigated. This inequality in response undermines trust in the digital financial ecosystem, particularly among rural communities. If these communities lose confidence in digital systems, the goal of financial inclusion will be severely compromised.
Additionally, to improve responses to cyber threats, India needs to strengthen its Computer Emergency Response Team (CERT) and consolidate cybersecurity oversight under a single, accountable authority. This would streamline decision-making, reduce confusion, and ensure a more efficient response to cybercrime.