#FactCheck: Fake video falsely claims FM Sitharaman endorsed investment scheme

Introduction

India’s telecommunications infrastructure is one of the world’s largest and most complex, serving over a billion users across urban and rural landscapes. With rampant digitisation and mobile penetration, the vulnerability of telecom networks to cyber threats has grown exponentially. On April 24, 2025, the Ministry of Communications (MOC) released a draft of the “Telecommunications (Telecom Cyber Security) Amendment Rules, 2025,” to update the prior Telecommunications (Telecom Cyber Security) Rules, 2024, to improve cybersecurity in India's telecom industry and fortify network security. Public comments and recommendations regarding these draft rules can be sent to the department by July 24, 2025, after they have been made available for public comment. These rules are enacted under the Telecommunications Act, 2023, to enhance national cybersecurity in the telecom domain. These rules aim to prevent misuse of telecom networks and reinforce data and infrastructure protection mechanisms across service providers. 

‍

Safeguarding the Spectrum: Unpacking the 2025 Cybersecurity Revisions

‍

The menace of fraudulent SIM cards deals the issue of cyber threats a fresh hand. The rising number of digital scams can also be attributed to unverified or fake mobile numbers. Fraudulent SIM cards have often been linked to various cybercrimes such as phishing, vishing, SIM swapping and identity theft. The situation has worsened in the face of easy availability of pre-activated SIM cards and weak KYC enforcement. In a recent example, as per reports of June 28, 2025, the Special Task Force (STF) found that the accused was operating a criminal nexus where he utilised fake documents and the Aadhaar credentials of law-abiding locals to activate numerous SIM cards. Following activation, the SIMs were either transferred to other telecom carriers for additional exploitation or sold illegally. This poses a serious concern for the data protection of vulnerable individuals, especially those in rural areas, whose credentials have been compromised. 

Given the adverse state of cybersecurity in the telecom industry, the Telecommunications (Telecom Cyber Security) Rules, 2024, were passed on 22nd November, 2024, which put various telecom entities under an obligation to actively prevent cybersecurity threats by adopting such policies that mitigate cybersecurity risks and notify the same to the Central Government. The 2024 Telecom Cybersecurity Rules were a significant step in fortifying India’s telecom infrastructure against cyber threats, but they primarily focused on licensed telecom service providers, leaving behind a large segment of digital platforms operating outside the traditional telecom framework largely unregulated. 

‍

Expanding the Net: Key Revisions Under the 2025 Cybersecurity Amendment Rules

‍

The amended rules of 2025 adequately address the regulatory blind spot that is created by the rapid expansion of online services, fintech apps, OTT platforms and social media networks, as these platforms often rely on telecom identifiers such as mobile numbers for user onboarding and service delivery. This regulatory blind spot was exploited for fraud, impersonation and other cybercrimes, especially in the absence of standardised identity verification mechanisms. The proposed regulations would give the government the authority to require private companies’ clients to provide identification if they use a mobile number. For a fee, businesses can also undertake this kind of verification on their own. “ The draft rules introduce a new category called “Telecommunication Identifier User Entities’ (TIUEs), extending cybersecurity compliance obligations to a broad category that now captures any entity using telecom identifiers to deliver digital services. It also creates a unified, government-backed verification framework, enabling better interoperability and uniform user identification norms across sectors. 

‍

While strengthening national digital security is the goal of the Telecom Cybersecurity (Amendment) Rules, 2025, the proposed rules create a great deal of uncertainty and compliance difficulties, especially for private digital platforms. A broad definition of Telecommunication Identifier User businesses (TIUEs) may include a variety of businesses, including e-commerce services, fintech apps and OTT platforms, under the purview of required mobile number verification. Given that many platforms already have advanced internal processes in place to verify users, this scope uncertainty creates significant concerns regarding operational clarity. 

‍

Conclusion

The Telecommunications (Telecom Cyber Security) Amendment Rules, 2025, represent a necessary evolution in India’s quest to secure its telecom ecosystem amid growing cyber threats. The draft regulations recognise the evolving landscape of digital services by broadening the legal scope to encompass Telecommunication Identifier User Entities (TIUEs). Though the goal of creating a strong, transparent and accountable framework is admirable, more clarification and stakeholder involvement are required due to the scope’s vagueness and the possible compliance burden on digital platforms. A truly durable telecom cybersecurity regime will require striking the correct balance between security, viability and privacy. 

‍

References 

‍

• https://www.cyberpeace.org/resources/blogs/the-government-enforces-key-sections-of-the-telecommunication-act-2023
• https://www.cyberpeace.org/resources/blogs/govt-notifies-the-telecommunications-telecom-cyber-security-rules-2024 
• https://the420.in/uttarakhand-stf-busts-fake-sim-racket-linked-to-cyber-crimes-and-nepal-network/ 
• https://www.thehindu.com/business/dot-puts-out-draft-rules-to-enable-mobile-user-validation/article69741367.ece ‍
• https://www.scconline.com/blog/post/2025/06/28/dot-telecom-cyber-security-draft-policy-update/

Introduction

The Reserve Bank of India (RBI) has mandated banks to switch their digital banking domains to 'Bank.in' by October 31, 2025, as part of a strategy to modernise the sector and maintain consumer confidence. The move is expected to provide a consistent and secure interface for online banking, as a response to the increasing threats posed by cybercriminals who exploit vulnerabilities in online platforms. The RBI's directive is seen as a proactive measure to address the growing concerns over cybersecurity in the banking sector.

RBI  Circular - Migration to '.bank.in' domain

The official circular released by the RBI dated April 22, 2025, read as follows:

“It has now been decided to operationalise the ‘. bank.in’ domain for banks through the Institute for Development and Research in Banking Technology (IDRBT), which has been authorised by National Internet Exchange of India (NIXI), under the aegis of the Ministry of Electronics and Information Technology (MeitY), to serve as the exclusive registrar for this domain. Banks may contact IDRBT at sahyog@idrbt.ac.in to initiate the registration process. IDRBT shall guide the banks on various aspects related to application process and migration to new domain.”

“All banks are advised to commence the migration of their existing domains to the ‘.bank.in’ domain and complete the process at the earliest and in any case, not later than October 31, 2025.”

CyberPeace Outlook

The Reserve Bank of India's directive mandating banks to shift to the 'Bank.in' domain by October 31, 2025, represents a strategic and forward-looking measure to modernise the nation’s digital banking infrastructure. With this initiative, the RBI is setting a new benchmark in cybersecurity by creating a trusted, exclusive domain that banks must adopt. This move will drastically reduce cyber threats, phishing attacks, and fake banking websites, which have been major sources of financial fraud. This fixed domain will simplify verification for consumers and tech platforms to more easily identify legitimate banking websites and apps.  Furthermore, a strong drop in online financial fraud will have a long-term effect by this order.  Since phishing and domain spoofing are two of the most prevalent forms of cybercrime, a shift to a strictly regulated domain name system will remove the potential for lookalike URLs and fraudulent websites that mimic banks. As India’s digital economy grows, RBI’s move is timely, essential, and future-ready.

References

• https://www.rbi.org.in/scripts/NotificationUser.aspx?Id=12837&Mode=0

‍

Introduction

The 2025 Delhi Legislative Assembly election is just around the corner, scheduled for February 5, 2025, with all 70 constituencies heading to the polls. The eagerly awaited results will be announced on February 8, bringing excitement as the people of Delhi prepare to see their chosen leader take the helm as Chief Minister. As the election season unfolds, social media becomes a buzzing hub of activity, with information spreading rapidly across platforms. However, this period also sees a surge in online mis/disinformation, making elections a hotspot for misleading content. It is crucial for citizens to exercise caution and remain vigilant against false or deceptive online posts, videos, or content. Empowering voters to distinguish facts from fiction and recognize the warning signs of misinformation is essential to ensure informed decision-making. By staying alert and well-informed, we can collectively safeguard the integrity of the democratic process.

‍

Risks of Mis/Disinformation

According to the 2024 survey report titled ‘Truth Be Told’ by ‘The 23 Watts’, 90% of Delhi’s youth (Gen Z) report witnessing a spike in fake news during elections, and 91% believe it influences voting patterns. Furthermore, the research highlights that 14% of Delhi’s youth tend to share sensational news without fact-checking, relying solely on conjecture.

‍

Recent Measures by ECI

Recently the Election Commission of India (EC) has issued a fresh advisory to political parties to ensure responsible use of AI-generated content in their campaigns. The EC has issued guidelines to curb the potential use of "deepfakes" and AI-generated distorted content by political parties and their representatives to disturb the level playing field. EC has mandated the labelling of all AI-generated content used in election campaigns to enhance transparency, combat misinformation, ensuring a fair electoral process in the face of rapidly advancing AI technologies.

‍

Best Practices to Avoid Electoral Mis/Disinformation 

• Seek Information from Official Sources: Voters should rely on authenticated sources for information. These include reading official manifestos, following verified advisory notifications from the Election Commission, and avoiding unverified claims or rumours.
• Consume News Responsibly: Voters must familiarize themselves with dependable news channels and make use of reputable fact-checking organizations that uphold the integrity of news content. It is crucial to refrain from randomly sharing or forwarding any news post, video, or message without verifying its authenticity. Consume responsibly, fact-check thoroughly, and share cautiously.
• Role of Fact-Checking: Cross-checking and verifying information from credible sources are indispensable practices. Reliable and trustworthy fact-checking tools are vital for assessing the authenticity of information in the digital space. Voters are encouraged to use these tools to validate information from authenticated sources and adopt a habit of verification on their own. This approach fosters a culture of critical thinking, empowering citizens to counter deceptive deepfakes and malicious misinformation effectively. It also helps create a more informed and resilient electorate.
• Be Aware of Electoral Deepfakes: In the era of artificial intelligence, synthetic media presents significant challenges. Just as videos can be manipulated, voices can also be cloned. It is essential to remain vigilant against the misuse of deepfake audio and video content by malicious actors. Recognize the warning signs, such as inconsistencies or unnatural details, and stay alert to misleading multimedia content. Proactively question and verify such material to avoid falling prey to deception.

References

1. https://www.financialexpress.com/business/brandwagon-90-ofnbsp-delhi-youth-witness-spike-in-fake-news-during-elections-91-believe-it-influences-voting-patterns-revealed-the-23-watts-report-3483166/
2. https://timesofindia.indiatimes.com/india/election-commission-urges-parties-to-disclose-ai-generated-campaign-content-in-interest-of-transparency/articleshow/117306865.cms
3. https://www.thehindu.com/news/national/election-commission-issues-advisory-on-use-of-ai-in-poll-campaigning/article69103888.ece
4. https://indiaai.gov.in/article/election-commission-of-india-embraces-ai-ethics-in-campaigning-advisory-on-labelling-ai-generated-content