#FactCheck-Air Taxi is a prototype and is not launched to commercial public

Introduction

Cybercrime in India is developing at a rapid rate in terms of depth and volume, with culprits leveraging technology, anonymity, and social engineering to exploit unsuspecting victims. In a high-profile instance of coordinated police action, the Delhi Police Crime Branch recently cracked a large-scale pan-India cybercrime syndicate with its arms stretching across Delhi, Rajasthan, and Uttar Pradesh. The syndicate used to be involved in a range of cybercrimes, from sextortion and online fraud to fake call centres and cloning of bank accounts. With over ₹5 crore of illicit financial transactions revealed, the operation highlights the critical role of proactive cyber policing, data security and public awareness in India's war against digital crime.

A Multi-State Operation: Crime Network across States

On May 24, 2025, on receiving a tip-off, the Delhi Police conducted a specific raid in New Ashok Nagar to catch a suspect consignment said to be used for cybercrime. This resulted in a multi-layered investigation that revealed a large crime syndicate. Police recovered 28 mobile phones, 30 SIM cards, 15 debit cards, 8 cheque books, and two laptops, equipment said to have been used in crimes ranging from sextortion to fake loan scams.

Three of the initial arrests revealed the use of fake kits like pre-activated SIMs and counterfeit documents to create phoney digital identities and bank accounts. They were being used to bypass KYC norms and make untraceable transactions, illustrating how cyber thieves exploit digital identity as well as financial authentication loopholes in the system.

Fake Call Centre Falsely Claiming to be a Lender

Tracing the leads, the investigation then led the police to Mundka, a semi-residential and industrial area in Delhi, where a fake call centre in the name of a loan assistance service was operating. Suspects were allegedly operating the business. With deceptive scripts, their telemarketing staff lured victims with the offer of instant personal loans. When a prospective victim replied favorably and was willing to go further, he was asked to send identification documents and was then forced to pay a "processing fee." Once the payment was made, the accused would cut off contact immediately, leaving the victims shortchanged.

During the raid, seven individuals were apprehended, six of whom were trained tele-callers with a reasonable level of technical skill. In spite of possessing educational certificates and receiving a meagre pay of between ₹8,000 and ₹9,000 a month, these individuals had been enticed into the cybercrime network, demonstrating how educated youth are now more commonly being exploited or recruited by such scam networks in return for quick money.

Uncovering the Sextortion Racket

The most shocking disclosure was that of a sextortion racket being run from New Ashok Nagar, a residential area located in West Delhi, New Delhi. Suspects tricked victims with fraudulent Facebook profiles, contacted them on Messenger, and then changed to WhatsApp video calls. Pornographic videos were played on such calls while the reactions of the victim were secretly recorded. These were later utilised for extortion by threatening to share them with the whole world. The ability of such a group to blackmail and psychologically manipulate the victims indicates the psychological nature of cybercrime and the need for online safety education.

Impact and Significance: A Wake-Up Call for Law Enforcement and Public Awareness

This crackdown is uncovering some ominous trends that reflect the changing face of cybercrime in India. The syndicate's framework highlights the organised and multi-state nature of cybercrime, mostly operating through systemic loopholes. Misuse of social media sites and fintech apps is also rampant, and these are being leveraged for scams, sextortion, and monetary fraud. One of the most concerning trends is young people becoming more engaged in cybercrime, either out of economic necessity or enticed by easy cash. Most of these scams increasingly involve psychological manipulation, particularly in sextortion, where shame and fear are employed as tools. Digital identity fraud has also been facilitated through false documents and lenient Know Your Customer (KYC) checks, with fraudsters being able to evade verification processes.

These observations underscore the necessity of strong reporting channels. There also needs to be an urgent implementation of stringent verification standards in the telecom and banking industries, along with extensive community-level digital literacy initiatives to sensitise citizens to online threats and preventive measures.

CyberPeace Vision: Building a Safe Digital India

India needs a multi-level cyber security approach, comprising people awareness, AI-driven detection systems, and coordination of inter-state policing. Precedence needs to be given to:

• Capacity building of cyber police units.
• Real-time exchange of scam intelligence among law enforcement.
• Schools, colleges, and workplaces should be aware of digital hygiene.
• Rehabilitation of cyber-offenders, especially youth.
• Countering online misinformation and disinformation through fact-checking and public education campaigns
• Ensuring inclusivity in cyber safety policies so vulnerable populations, including rural users, senior citizens, and linguistic minorities, are not left behind

The breakdown of the syndicate is a major victory, but the absence of difficulty with which these networks function highlights the need for cybercrime prevention initiatives, not after the fact. 

Conclusion 

The Delhi Police bust of a pan-India cybercrime gang is evidence of the increasing reach and audacity of cyber crooks from one corner of India to another. From sextortion and social engineering to financial fraud and identity theft on the web, the bust demonstrates how deep and pervasive cybercrime gangs have become. It is also a reminder that anyone can get entangled and that education, awareness, and early reporting are our best defence. With India's online presence expanding day by day, our collective cyber awareness must keep pace. The fight against cybercrime will not be won only by arrests, but through a national effort to secure our digital spaces.

‍

References

1. https://indianexpress.com/article/cities/delhi/delhi-police-cyber-crime-syndicate-10047218/
2. https://www.thehindu.com/news/cities/Delhi/delhi-police-bust-pan-india-cybercrime-syndicate/article69652694.ece#:~:text=The%20Delhi%20police%20have%20dismantled,and%20an%20orchestrated%20sextortion%20racket.
3. https://cybercrime.gov.in/
4. https://www.ncrb.gov.in/
5. https://economictimes.indiatimes.com/wealth/save/online-scams-are-on-the-rise-learn-about-the-latest-tricks-fraudsters-are-using-to-identify-frauds-and-protect-yourself/articleshow/114162295.cms?from=mdr

‍

Executive Summary

‍

Misleading claims related to an incident in Delhi are being widely circulated on social media. Several posts allege that an Indian Army brigadier and his son were assaulted while returning from a “dance club party.” The posts further claim that the attack was triggered by remarks related to “Operation Sindoor.” However, research by the CyberPeace found that these claims are completely false and fabricated.

‍

Claim

‍

On social media platform X, some users (including @ManipurPost5) shared posts claiming that an Indian Army brigadier and his son were attacked after returning from a dance club. The posts also alleged that the altercation escalated after someone mocked “Operation Sindoor.”

• https://x.com/ManipurPost5 

‍

Fact check

‍

To verify the claim, we conducted keyword searches on Google and found a report published by Republic World on April 14, 2026, which included visuals similar to those being circulated.

• https://www.republicworld.com/india/two-arrested-after-army-brigadier-and-son-assaulted-for-opposing-public-drinking-in-delhi 

‍

According to the report, the victims were identified as Brigadier Parminder Singh Arora, a serving Indian Army officer, and his son Tejas Arora. At the time of the incident, they were taking a walk near their residence after dinner. Reports state that they noticed a group of individuals consuming alcohol inside a parked car in a public place and objected to it. This led to an argument, which later escalated into a violent assault. Around 7–8 individuals allegedly attacked the brigadier and his son, with the son sustaining more serious injuries. Questions have also been raised about the role of police personnel present at the scene. Following the complaint, a case was registered, one police constable was suspended, and two accused individuals have been arrested so far. The vehicle involved has also been seized. Further verification led us to another report published by India Today on April 14, 2026, which corroborated the same details of the incident.
‍

• https://www.indiatoday.in/cities/delhi/story/brigadier-and-son-thrashed-in-delhi-after-objecting-to-drinking-alcohol-in-car-crime-news-indian-army-2895732-2026-04-14

‍

‍

Conclusion

‍

The viral claim is misleading and entirely false.The incident has no connection to any “dance club party” or to “Operation Sindoor.” In reality, the altercation began after the brigadier objected to public drinking near his residence.

‍

Introduction
‍

Generative AI, particularly deepfake technology, poses significant risks to security in the financial sector. Deepfake technology can convincingly mimic voices, create lip-sync videos, execute face swaps, and carry out other types of impersonation through tools like DALL-E, Midjourney, Respeecher, Murf, etc, which are now widely accessible and have been misused for fraud. For example, in 2024, cybercriminals in Hong Kong used deepfake technology to impersonate the Chief Financial Officer of a company, defrauding it of $25 million. Surveys, including Regula’s Deepfake Trends 2024 and Sumsub reports, highlight financial services as the most targeted sector for deepfake-induced fraud.

Deepfake Technology and Its Risks to Financial Systems

India’s financial ecosystem, including banks, NBFCs, and fintech companies, is leveraging technology to enhance access to credit for households and MSMEs. The country is a leader in global real-time payments and its digital economy comprises 10% of its GDP.  However, it faces unique cybersecurity challenges. According to the RBI’s 2023-24 Currency and Finance report, banks cite cybersecurity threats, legacy systems, and low customer digital literacy as major hurdles in digital adoption. Deepfake technology intensifies risks like:

• Social Engineering Attacks: Information security breaches through phishing, vishing, etc. become more convincing with deepfake imagery and audio.
• Bypassing Authentication Protocols: Deepfake audio or images may circumvent voice and image-based authentication systems, exposing sensitive data.
• Market Manipulation: Misleading deepfake content making false claims and endorsements can harm investor trust and damage stock market performance.
• Business Email Compromise Scams: Deepfake audio can mimic the voice of a real person with authority in the organization to falsely authorize payments.
• Evolving Deception Techniques: The usage of AI will allow cybercriminals to deploy malware that can adapt in real-time to carry out phishing attacks and inundate targets with increased speed and variations. Legacy security frameworks are not suited to countering automated attacks at such a scale.

Existing Frameworks and Gaps

In 2016, the RBI introduced cybersecurity guidelines for banks, neo-banking, lending, and non-banking financial institutions, focusing on resilience measures like Board-level policies, baseline security standards, data leak prevention, running penetration tests, and mandating Cybersecurity Operations Centres (C-SOCs). It also mandated incident reporting to the RBI for cyber events. Similarly, SEBI’s Cybersecurity and Cyber Resilience Framework (CSCRF) applies to regulated entities (REs) like stock brokers, mutual funds, KYC agencies, etc., requiring policies, risk management frameworks, and third-party assessments of cyber resilience measures. While both frameworks are comprehensive, they require updates addressing emerging threats from generative AI-driven cyber fraud.

Cyberpeace Recommendations 

• AI Cybersecurity to Counter AI Cybercrime: AI-generated attacks can be designed to overwhelm with their speed and scale. Cybercriminals increasingly exploit platforms like LinkedIn, Microsoft Teams, and Messenger, to target people.  More and more organizations of all sizes will have to use AI-based cybersecurity for detection and response since generative AI is becoming increasingly essential in combating hackers and breaches.
• Enhancing Multi-factor Authentication (MFA):  With improving image and voice-generation/manipulation technologies, enhanced authentication measures such as token-based authentication or other hardware-based measures, abnormal behaviour detection, multi-device push notifications, geolocation verifications, etc. can be used to improve prevention strategies.  New targeted technological solutions for content-driven authentication can also be implemented.
• Addressing Third-Party Vulnerabilities: Financial institutions often outsource operations to vendors that may not follow the same cybersecurity protocols, which can introduce vulnerabilities. Ensuring all parties follow standardized protocols can address these gaps.
• Protecting Senior Professionals: Senior-level and high-profile individuals at organizations are at a greater risk of being imitated or impersonated since they hold higher authority over decision-making and have greater access  to sensitive information. Protecting their identity metrics through technological interventions is of utmost importance.
• Advanced Employee Training:  To build organizational resilience, employees must be trained to understand how generative and emerging technologies work. A well-trained workforce can significantly lower the likelihood of successful human-focused human-focused cyberattacks like phishing and impersonation.
• Financial Support to Smaller Institutions: Smaller institutions may not have the resources to invest in robust long-term cybersecurity solutions and upgrades. They require financial and technological support from the government to meet requisite standards.

Conclusion

According to The India Cyber Threat Report 2025 by the Data Security Council of India (DSCI) and Seqrite, deepfake-enabled cyberattacks, especially in the finance and healthcare sectors, are set to increase in 2025. This has the potential to disrupt services, steal sensitive data, and exploit geopolitical tensions, presenting a significant risk to the critical infrastructure of India. 

As the threat landscape changes,  institutions will have to continue to embrace AI and Machine Learning (ML) for threat detection and response. The financial sector must prioritize robust cybersecurity strategies, participate in regulation-framing procedures, adopt AI-based solutions, and enhance workforce training, to safeguard against AI-enabled fraud. Collaborative efforts among policymakers, financial institutions, and technology providers will be essential to strengthen defenses.

‍

Sources 

• https://sumsub.com/newsroom/deepfake-cases-surge-in-countries-holding-2024-elections-sumsub-research-shows/ 
• https://www.globenewswire.com/news-release/2024/10/31/2972565/0/en/Deepfake-Fraud-Costs-the-Financial-Sector-an-Average-of-600-000-for-Each-Company-Regula-s-Survey-Shows.html 
• https://www.sipa.columbia.edu/sites/default/files/2023-05/For%20Publication_BOfA_PollardCartier.pdf 
• https://edition.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html 
• https://www.rbi.org.in/Commonman/English/scripts/Notification.aspx?Id=1721 
• https://elplaw.in/leadership/cybersecurity-and-cyber-resilience-framework-for-sebi-regulated-entities/ 
• https://economictimes.indiatimes.com/tech/artificial-intelligence/ai-driven-deepfake-enabled-cyberattacks-to-rise-in-2025-healthcarefinance-sectors-at-risk-report/articleshow/115976846.cms?from=mdr 

‍