Mumbai, the nation’s financial powerhouse, is grappling with an alarming wave of cyber-enabled financial crimes that have ensnared nearly 20,000 victims since 2020, resulting in staggering losses of over Rs 2,000 crore. Despite regulatory safeguards, reimbursements from banks have been negligible, leaving ordinary citizens—from entrepreneurs to pensioners—ensnared in a web of deceit and institutional foot-dragging.
The onslaught includes sophisticated tactics like credit and debit card cloning, one-time password (OTP) interception, SIM swaps, and ATM manipulations. According to data from the Maharashtra Cyber Cell, authorities registered 4,132 formal complaints (FIRs) related to these schemes, with defrauded individuals forfeiting Rs 161.5 crore. Law enforcement efforts have clawed back a mere Rs 4.8 crore, underscoring the challenges in tracking elusive perpetrators.
Personal stories illuminate the human toll. Romaljit Kaur Makkar, a businesswoman from Sakinaka, watched helplessly as Rs 2.5 lakh vanished from her credit card on April 3, during a routine office meeting in Mumbai. The unauthorized swipes occurred on a merchant terminal in Lucknow, even though her card remained securely in her possession. Makkar suspects her personal identification number (PIN) was skimmed via hidden CCTV footage during an earlier shopping excursion.
Similarly, Navneet Batra, a 64-year-old retired engineer from Borivli East, has endured relentless harassment from bank recovery agents and legal summons since March 2023. Fraudsters, using pilfered card details, executed four bogus transfers totaling Rs 1.9 lakh for herbal supplements sourced from Bihar. Despite promptly alerting Dahisar police and deactivating his card, Batra’s pleas for reversal have gone unheeded by the bank.
ALSO READ : Mumbai’s Hazy Dawn Signals Air Quality Alert Amid Cooling Temps
The Reserve Bank of India (RBI) mandates zero liability for accountholders who notify lenders of fraud within three days of detection. For reports filed between four and seven days, caps range from Rs 10,000 to Rs 25,000 based on the card’s transaction ceiling. Should negligence—such as divulging PINs or OTPs—be proven, victims shoulder the initial hit until reporting the breach; banks must then absorb follow-on damages. Institutions are required to credit reversals within 10 working days and settle disputes within 90 days.
Yashasvi Yadav of the Maharashtra Cyber Cell attributes these breaches to data pilfering via corporate leaks and ATM skimming devices. Cybersecurity expert Ritesh Bhatia contends that pinning blame on users for OTP disclosures misses the mark, as most incidents trace back to foundational lapses like porous databases and lax authentication protocols. “Banks, not customers, bear the onus of fortifying the entire payment infrastructure,” Bhatia emphasized.
Echoing this, retired police commissioner D Sivanandhan stressed that financial institutions remain accountable absent evidence of willful disclosure by victims. Cyber law specialist Dr Prashant Mali decried the widespread disregard for RBI’s zero-liability framework, urging enhanced know-your-customer (KYC) protocols, expedited card suspensions, inter-agency collaboration, and punitive measures against non-compliant banks.
As Mumbai’s cyber threats evolve, the disparity between losses and recoveries highlights a pressing need for systemic overhaul, ensuring that the city’s bustling economy does not come at the expense of its residents’ hard-earned savings.
-
-
-
-
