CyberPeace Helpline Monthly Statistical Analysis (May 2025)
Disclaimer:
This report is the collaborative outcome of insights derived from the CyberPeace Helpline’s operational statistics and the CyberPeace Research Team, covering the monthly helpline case trends of May 2025, the report identifies recurring trends, operational challenges, and strategic opportunities. The objective is to foster research-driven solutions that enhance the overall efficacy of the helpline.
Executive Summary:
This report summarizes the cybercrime cases reported in May, offering insights into case types, gender distribution, resolution status, and geographic trends.
As per our analysis, out of various Cyber Frauds Financial Fraud was the most reported issue, making up 43% of cases, followed by Cyberbullying (26%) and Impersonation (14%). Less frequent but serious issues included Sexual Harassment, Sextortion, Hacking, Data Tampering, and Cyber Defamation, each accounting for 3–6%, highlighting a mix of financial and behavioral threats.
The gender distribution was fairly balanced, with 51% male and 49% female respondents. While both genders were affected by major crimes like financial fraud and cyber bullying, some categories—such as sexual harassment—reflected more gender-specific risks, indicating the need for gender-responsive policies and support.
Regarding case status, 60% remain under follow-up while 40% have been resolved, reflecting strong case-handling efforts by the team.
The location-wise data shows higher case concentrations in Uttar Pradesh, Andhra Pradesh, Karnataka, and West Bengal, with significant reports also from Delhi, Telangana, Maharashtra, and Odisha. Reports from the northeastern and eastern states confirm the nationwide spread of cyber incidents.
In conclusion, the findings point to a growing need for enhanced cybersecurity awareness, preventive strategies, and robust digital safeguards to address the evolving cyber threat landscape across India.
Cases Received in May:
As per the given dataset, the following types of cases were reported to our team during the month of May:
- 💰 Financial Fraud – 43%
- 💬 Cyber Bullying – 26%
- 🕵️♂️ Impersonation – 14%
- 🚫 Sexual Harassment – 6%
- 📸 Sextortion – 3%
- 💻 Hacking – 3%
- 📝 Data Tampering – 3%
- 🗣️ Cyber Defamation – 3%
The chart illustrates various cybercrime categories and their occurrence rates. Financial Fraud emerges as the most common, accounting for 43% of cases, highlighting the critical need for stronger digital financial security. This is followed by Cyber Bullying at 26%, reflecting growing concerns around online harassment, especially among youth. Impersonation ranks third with 14%, involving identity misuse for deceitful purposes. Less frequent but still serious crimes such as Sexual Harassment (6%), Sextortion, Hacking, Data Tampering, and Cyber Defamation (each 3%) also pose significant risks to users’ privacy and safety. Overall, the data underscores the need for improved cybersecurity awareness, legal safeguards, and preventive measures to address both financial and behavioral threats in the digital space.
Gender-Wise Distribution:
- 👨 Male – 51%
- 👩 Female – 49%
The chart illustrates the distribution of respondents by gender. The data shows that Male participants make up 51% of the total, while Female participants account for 49%. This indicates a fairly balanced representation of both genders, with a slight majority of male respondents.
Gender-Wise Case Distribution:
1 The chart presents a gender-wise distribution of various cybercrime cases, offering a comparative view of how different types of cyber incidents affect males and females.
2 It highlights that both genders are significantly impacted by cybercrimes such as financial fraud and cyber bullying, indicating a widespread risk across the board.
3 Certain categories, including sexual harassment, cyber defamation, and hacking, show more gender-specific patterns of victimization, pointing to differing vulnerabilities.
4 The data suggests the need for gender-sensitive policies and preventive measures to effectively address the unique risks faced by males and females in the digital space.
5 These insights can inform the design of tailored awareness programs, support services, and intervention strategies aimed at improving cybersecurity for all individuals.
Major Location Wise Distribution:
The map visualization displays location-wise distribution of reported cases across India. The cases reflect the cyber-related incidents or cases mapped geographically.
The map highlights the regional distribution of cybercrime cases across Indian states, with a higher concentration in Uttar Pradesh, Andhra Pradesh, Karnataka, and West Bengal. States like Delhi, Telangana, Maharashtra, and Odisha also show notable activity, indicating widespread cyber threats. Regions including Assam, Tripura, Bihar, Jharkhand, and Jammu & Kashmir further reflect the pan-India spread of such incidents. This distribution stresses the need for targeted cybersecurity awareness and stronger digital safeguards nationwide
CyberPeace Advisory:
- Use Strong and Unique Passwords: Create complex passwords using a mix of letters, numbers, and symbols. Avoid reusing the same password across multiple platforms.
- Enable Multi-Factor Authentication (MFA): Add an extra layer of security by using a second verification step like an OTP or authentication app.
- Keep Software Updated: Regularly update your operating system, apps, and security tools to protect against known vulnerabilities.
- Install Trusted Security Software: Use reliable antivirus and anti-malware programs to detect and block threats.
- Limit Information Sharing: Be cautious about sharing personal or sensitive details, especially on social media or public platforms.
- Secure Your Network: Protect your Wi-Fi with a strong password and encryption. Avoid accessing confidential information on public networks.
- Back Up Important Data: Regularly save copies of important files in secure storage to prevent data loss in case of an attack.
- Stay Informed with Cybersecurity Training: Learn how to identify scams, phishing attempts, and other online threats through regular awareness sessions.
- Control Access to Data: Give access to sensitive information only to those who need it, based on their job roles.
Monitor and Respond to Threats:
Continuously monitor systems for unusual activity and have a clear response plan for handling security incidents.
- CyberPeace Helpline mail ID: helpline@cyberpeace.net
- CyberPeace Helpline Number: 9570000066
- Central Government Helpline: https://cybercrime.gov.in/
- Central Government Helpline Number: 1930
Conclusion:
The cybercrime cases reported in May highlight a diverse and evolving threat landscape across India. Financial fraud, cyber bullying, and impersonation are the most prevalent, affecting both genders almost equally, though some crimes like sexual harassment call for targeted gender-sensitive measures. With 60% of cases still under follow-up, the team’s efforts in investigation and resolution remain strong. Geographically, cyber incidents are widespread, with higher concentrations in several key states, demonstrating that no region is immune. These findings underscore the urgent need to enhance cybersecurity awareness, strengthen preventive strategies, and build robust digital safeguards. Proactive and inclusive approaches are essential to protect individuals and communities and to address the growing challenges posed by cybercrime nationwide.
Related Blogs
Executive Summary:
A viral video showing flames and thick smoke from large fuel tanks has been shared widely on social media. Many claimed it showed a recent Russian missile attack on a fuel depot in Ukraine. However, our research found that the video is not related to the Russia-Ukraine conflict. It actually shows a fire that happened at Al Hamriyah Port in Sharjah, United Arab Emirates, on May 31, 2025. The confusion was likely caused by a lack of context and misleading captions.
Claim:
The circulating claim suggests that Russia deliberately bombed Ukraine's fuel reserves and the viral video shows evidence of the bombing. The posts claim the fuel depot was destroyed purposefully during military operations, implying an increase in violence. This narrative is intended to generate feelings and reinforce fears related to war.
Fact Check:
After doing a reverse image search of the key frames of the viral video, we found that the video is actually from Al Hamriyah Port, UAE, not from the Russia-Ukraine conflict. During further research we found the same visuals were also published by regional news outlets in the UAE, including Gulf News and Khaleej Times, which reported on a massive fire at Al Hamriyah Port on 31 May 2025.
As per the news report, a fire broke out at a fuel storage facility in Al Hamriyah Port, UAE. Fortunately, no casualties were reported. Fire Management Services responded promptly and successfully brought the situation under control.
Conclusion:
The belief that the viral video is evidence of a Russian strike in Ukraine is misleading and incorrect. The video is actually of a fire at a commercial port in the UAE. When you share misleading footage like that, you distort reality and incite fear based on lies. It is simply a reminder that not all viral media is what it appears to be, and every viewer should take the time to check and verify the content source and context before accepting or reposting. In this instance, the original claim is untrue and misleading.
- Claim: Fresh attack in Ukraine! Russian military strikes again!
- Claimed On: Social Media
- Fact Check: False and Misleading
Introduction
Data Breaches have taken over cyberspace as one of the rising issues, these data breaches result in personal data making its way toward cybercriminals who use this data for no good. As netizens, it's our digital responsibility to be cognizant of our data and the data of one's organization. The increase in internet and technology penetration has made people move to cyberspace at a rapid pace, however, awareness regarding the same needs to be inculcated to maximise the data safety of netizens. The recent AIIMS cyber breach has got many organisations worried about their cyber safety and security. According to the HIPPA Journal, 66% of healthcare organizations reported ransomware attacks on them. Data management and security is the prime aspect of clients all across the industry and is now growing into a concern for many. The data is primarily classified into three broad terms-
- Personal Identified Information (PII) - Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means.
- Non-Public Information (NPI) - The personal information of an individual that is not and should not be available to the public. This includes Social Security Numbers, bank information, other personal identifiable financial information, and certain transactions with financial institutions.
- Material Non-Public Information (MNPI) - Data relating to a company that has not been made public but could have an impact on its share price. It is against the law for holders of nonpublic material information to use the information to their advantage in trading stocks.
This classification of data allows the industry to manage and secure data effectively and efficiently and at the same time, this allows the user to understand the uses of their data and its intensity in case of breach of data. Organisations process data that is a combination of the above-mentioned classifications and hence in instances of data breach this becomes a critical aspect. Coming back to the AIIMS data breach, it is a known fact that AIIMS is also an educational and research institution. So, one might assume that the reason for any attack on AIIMS could be either to exfiltrate patient data or could be to obtain hands-on the R & D data including research-related intellectual properties. If we postulate the latter, we could also imagine that other educational institutes of higher learning such as IITs, IISc, ISI, IISERs, IIITs, NITs, and some of the significant state universities could also be targeted. In 2021, the Ministry of Home Affairs through the Ministry of Education sent a directive to IITs and many other institutes to take certain steps related to cyber security measures and to create SoPs to establish efficient data management practices. The following sectors are critical in terms of data protection-
- Health sector
- Financial sector
- Education sector
- Automobile sector
These sectors are generally targeted by bad actors and often data breach from these sectors result in cyber crimes as the data is soon made available on Darkweb. These institutions need to practice compliance like any other corporate house as the end user here is the netizen and his/her data is of utmost importance in terms of protection.Organisations in today's time need to be in coherence to the advancement in cyberspace to find out keen shortcomings and vulnerabilities they may face and subsequently create safeguards for the same. The AIIMS breach is an example to learn from so that we can protect other organisations from such cyber attacks. To showcase strong and impenetrable cyber security every organisation should be able to answer these questions-
- Do you have a centralized cyber asset inventory?
- Do you have human resources that are trained to model possible cyber threats and cyber risk assessment?
- Have you ever undertaken a business continuity and resilience study of your institutional digitalized business processes?
- Do you have a formal vulnerability management system that enumerates vulnerabilities in your cyber assets and a patch management system that patches freshly discovered vulnerabilities?
- Do you have a formal configuration assessment and management system that checks the configuration of all your cyber assets and security tools (firewalls, antivirus management, proxy services) regularly to ensure they are most securely configured?
- Do have a segmented network such that your most critical assets (servers, databases, HPC resources, etc.) are in a separate network that is access-controlled and only people with proper permission can access?
- Do you have a cyber security policy that spells out the policies regarding the usage of cyber assets, protection of cyber assets, monitoring of cyber assets, authentication and access control policies, and asset lifecycle management strategies?
- Do you have a business continuity and cyber crisis management plan in place which is regularly exercised like fire drills so that in cases of exigencies such plans can easily be followed, and all stakeholders are properly trained to do their part during such emergencies?
- Do you have multi-factor authentication for all users implemented?
- Do you have a supply chain security policy for applications that are supplied by vendors? Do you have a vendor access policy that disallows providing network access to vendors for configuration, updates, etc?
- Do you have regular penetration testing of the cyberinfrastructure of the organization with proper red-teaming?
- Do you have a bug-bounty program for students who could report vulnerabilities they discover in your cyber infrastructure and get rewarded?
- Do you have an endpoint security monitoring tool mandatory for all critical endpoints such as database servers, application servers, and other important cyber assets?
- Do have a continuous network monitoring and alert generation tool installed?
- Do you have a comprehensive cyber security strategy that is reflected in your cyber security policy document?
- Do you regularly receive cyber security incidents (including small, medium, or high severity incidents, network scanning, etc) updates from your cyber security team in order to ensure that top management is aware of the situation on the ground?
- Do you have regular cyber security skills training for your cyber security team and your IT/OT engineers and employees?
- Do your top management show adequate support, and hold the cyber security team accountable on a regular basis?
- Do you have a proper and vetted backup and restoration policy and practice?
If any organisation has definite answers to these questions, it is safe to say that they have strong cyber security, these questions should not be taken as a comparison but as a checklist by various organisations to be up to date in regard to the technical measures and policies related to cyber security. Having a strong cyber security posture does not drive the cyber security risk to zero but it helps to reduce the risk and improves the fighting chance. Further, if a proper risk assessment is regularly carried out and high-risk cyber assets are properly protected, then the damages resulting from cyber attacks can be contained to a large extent.
Executive Summary:
An image has been spread on social media about the truck carrying money and gold coins impounded by Jharkhand Police that also during lok sabha elections in 2024. The Research Wing, CyberPeace has verified the image and found it to be generated using artificial intelligence. There are no credible news articles supporting claims about the police having made such a seizure in Jharkhand. The images were checked using AI image detection tools and proved to be AI made. It is advised to share any image or content after verifying its authenticity.
Claims:
The viral social media post depicts a truck intercepted by the Jharkhand Police during the 2024 Lok Sabha elections. It was claimed that the truck was filled with large amounts of cash and gold coins.
Fact Check:
On receiving the posts, we started with keyword-search to find any relevant news articles related to this post. If such a big incident really happened it would have been covered by most of the media houses. We found no such similar articles. We have closely analysed the image to find any anomalies that are usually found in AI generated images. And found the same.
The texture of the tree in the image is found to be blended. Also, the shadow of the people seems to be odd, which makes it more suspicious and is a common mistake in most of the AI generated images. If we closely look at the right hand of the old man wearing white attire, it is clearly visible that the thumb finger is blended with his apparel.
We then analysed the image in an AI image detection tool named ‘Hive Detector’. Hive Detector found the image to be AI-generated.
To validate the AI fabrication, we checked with another AI image detection tool named ‘ContentAtScale AI detection’ and it detected the image as 82% AI. Generated.
After validation of the viral post using AI detection tools, it is apparent that the claim is misleading and fake.
Conclusion:
The viral image of the truck impounded by Jharkhand Police is found to be fake and misleading. The viral image is found to be AI-generated. There has been no credible source that can support the claim made. Hence, the claim made is false and misleading. The Research Wing, CyberPeace previously debunked such AI-generated images with misleading claims. Netizens must verify such news that circulates in Social Media with bogus claims before sharing it further.
- Claim: The photograph shows a truck intercepted by Jharkhand Police during the 2024 Lok Sabha elections, which was allegedly loaded with huge amounts of cash and gold coins.
- Claimed on: Facebook, Instagram, X (Formerly known as Twitter)
- Fact Check: Fake & Misleading
