Stop cyber scams before they occur with real-time monitoring
Addressing the menace of cybercrime figures high on the police agenda, along with tackling major focus areas such as violent crimes, ensuring women's safety, combating drug trafficking, strengthening law and order and improving investigation standards.
And, for good reason. For example, in Haryana alone, 2023 saw over 1,15,000 reported cases of cybercrime, with a total defrauded amount of Rs 602 crore. However, only 12 per cent of the stolen money could be blocked and recovered. The situation was dire as the authorities seemed to be fighting an invisible enemy, one that required more than traditional police methods to combat.
The Haryana police bolstered its resources and deployed additional manpower. It convinced banks to step in by stationing their nodal officers at the 1930 Helpline for better coordination. The collective efforts began to show results as the recovery rate more than doubled to 27 per cent in 2024. Additionally, 5,156 cyber criminals were arrested in 2024, compared to only 1,909 in 2023 and 1,078 in 2022. This trend continues in 2025, with 571 arrests in January 2025, up from just 138 in January 2024.
Notably, nearly 70 per cent of the arrests are from other states. In just 16 months, Haryana catapulted from a dismal 23rd place in the national rankings to the top.
This progress is commendable but the moot question is whether this is enough to deter cyber fraudsters from continuing their illegal activities in the state. The answer, unfortunately, is no.
Worse, the battle is becoming increasingly tougher, as taking the recovery rate from 35 per cent to 50 per cent will not be as easy as was the initial progress from 10 per cent to 25 per cent.
The biggest challenge in the fight against cybercrime is that by the time the victim realises that he or she has been defrauded and lodges a complaint on the national helpline (1930) or the national cybercrime reporting portal (NCRP), the stolen money has often already gone out of the banking system, many times transferred even into offshore bank accounts or encashed out of ATMs within the country or abroad.
So, how can the tide be shifted?
The solution lies in a fundamental shift in how cybercrime is dealt with: from a reactive approach to a proactive one. Instead of waiting for the victim to lodge a complaint, there is need to build the capacity to detect fraud in real time — before the victim even realises what has happened.
Currently, the approach of the law enforcement agencies and banks, led by the RBI, is complaint-centric. The system is set in motion only after the victim lodges a complaint.
However, experience has shown that this approach can only lead to limited success. In Haryana, with the best possible efforts, a recovery rate of only around 30 per cent could be achieved. It falls short of what is needed to deter cyber criminals, as is evident from the increasing number of fraud complaints.
To achieve the required level of deterrence in the country, the blocking and recovery rates must be increased to at least 60-70 per cent, with a matching number of arrests of fraudsters.
To attain this goal, it is essential to monitor every transaction in the banking system for tell-tale signs of fraud.
In a typical cybercrime, money is moved from the victim's account to one or more mule accounts, which then shuffle the money through a series of transactions before it is siphoned out of the system. Mule accounts are bank accounts characterised by low balances and a pattern of quick in-and-out transactions.
The ability to monitor transactions in real time gives one a distinct advantage. By detecting when funds are transferred into a suspected mule account, the system could immediately trigger an alert. This proactive approach would enable the stopping of the fraud even before the victim realises that he or she has been targeted.
To make this work, a unique ID must be assigned to every transaction that works across banks, allowing one to track the flow of money across the entire banking system.
The process of identifying mule accounts is already on. The Reserve Bank of India has recently launched Mulehunter, a software application to identify mule accounts, and banks are in the process of adopting it.
However, this needs to be taken a step further. Also needed is the establishment of a list of ‘verified accounts’ — accounts that are not likely to be involved in fraud. They include current accounts of business entities, salary accounts of employees and savings bank accounts having sizeable bank balances or associated fixed deposits.
When money flows from a victim's account to a suspected mule account, the system should trigger an alert. If the money, or a sizeable portion of it, is further passed through a series of mule accounts, the system could notify the 1930 helpline to investigate.
The investigators could then immediately contact the account holder to find out if she has fallen victim to fraud and take steps to block the funds accordingly.
If, on the other hand, the funds end up in a verified account at any stage, the monitoring could stop, saving precious system resources and time.
This is the age of artificial intelligence. Therefore, it should not be difficult to design a system for monitoring every banking transaction to detect fraud in real time. The National Payment Corporation of India (NPCI), a wholly owned subsidiary of the RBI having access to all bank databases, is ideally placed to implement such a system. Once in place, this would be a sure-fire method of preventing cybercrimes.
The best part is that if we succeed in preventing cyber frauds in this manner, other countries and multinational banks would line up to learn from our experience, earning us goodwill and, perhaps, some foreign exchange, too.
