The digital revolution has brought about significant changes in the banking and financial sectors, offering unprecedented convenience to users. However, this convenience has also led to a rise in cybercrimes targeting these sectors. This paper aims to analyse the various forms of banking financial fraud and scams prevalent in the cyber world and their impact on individuals and financial institutions.

The study highlights the evolving strategies employed by cybercriminals and the proactive cybersecurity measures adopted by banks and financial institutions to combat these threats. Through a comprehensive analysis of real-world case studies and statistical data, this research sheds light on the growing menace of cyber fraud in the banking sector and emphasizes the importance of continuous adaptation and innovation in security measures to counter these threats effectively.

To address the increasing risk of cybercrime, banks and financial institutions have taken a proactive approach to cybersecurity. They are investing significantly in strong security infrastructure and focusing on educating customers to combat financial fraud and identity theft effectively. However, it's important to note that cybercriminals, whether working alone or in groups, are always changing their tactics.

The ongoing fight against financial cyber threats requires constant adaptation and innovation in security measures to counter the evolving strategies of cybercriminals. This research paper aims to provide a comprehensive analysis of the various forms of banking financial fraud and scams prevalent in the cyber world, their impact on individuals and financial institution.

In general words, "Financial fraud" is a situation where a person loses his/ her money dishonestly or mischievously. Online payments have got a huge rise in the world after COVID-19. The payment includes UPI and Internet banking, leading to a hike in cyber money frauds. On July 01, 2016, RBI gave recognition to Cyber Financial Fraud and introduced a circular named "Master Directions on Fraud- Classification and Reporting by Commercial Banks and select Financial Institutions".

RBI has categorised financial fraud as Misappropriation and Criminal Breach of Trust, cheating and forgery, unauthorised credit facility extended for reward or illegal gratification, Fraudulent encashment through forged documents, fraudulent transactions considering foreign exchange, manipulation of books of account or through fictitious accounts and property conversion or any other type of fraud.[1]

According to rule 2.2 of the Circular, these acts shall be read in accordance with the Indian Penal Code, 1860, which considers it an offence. The government has issued certain guidelines concerning this matter and made a mechanism to report cyber financial fraud under the I4C scheme, etc. Cybercrime in the financial sector encompasses activities aimed at securing financial gains through illicit means, including but not limited to identity fraud, ransomware attacks, email and internet scams, and attempts to pilfer financial account or payment card details.

Put simply, financial cybercrime entails actions such as stealing payment card data, gaining unauthorized access to financial accounts for fraudulent transactions, extortion schemes, and using stolen identities to apply for financial services. The financial services industry, due to its profitability, is a prime target for cybercriminals. Nonetheless, cyber financial crime also impacts various companies and individuals, including unsuspecting members of the public.

Online banking is designed mainly to achieve two objectives. First increased convenience for the consumer and second reducing the cost of operations to the banks. In recent years, online payments and fraud have gained much attention. On the one hand, it's easier for people to deal with being cashless, but on the other hand, 70% of these users have been victims of Cyber fraud.

Need to Address Cyber Threats in Banking Sector

Addressing cyber threats in banking is of paramount importance due to several reasons:

• Financial Stability: The banking sector is a cornerstone of the economy, and any disruption due to cyber threats can have significant implications for financial stability. Cyberattacks targeting banks can result in financial losses, disruptions in services, and erosion of customer trust, potentially leading to broader economic repercussions.
• Protection of Customer Data: Banks store vast amounts of sensitive customer information, including personal and financial data. Addressing cyber threats is crucial to safeguarding this data from unauthorized access, theft, or misuse. Failure to protect customer data can result in identity theft, financial fraud, and irreparable harm to individuals' financial well-being.
• Trust and Reputation: Trust is foundational to the banking industry. Customers trust banks to securely manage their money and sensitive information. Any breach of this trust due to a cyber incident can tarnish the bank's reputation, leading to customer attrition, loss of business, and damage to brand image.
• Continuity of Operations: Cyberattacks can disrupt banking operations, leading to service outages, inability to process transactions, and downtime. Addressing cyber threats involves implementing robust cybersecurity measures to ensure the resilience and continuity of banking operations, even in the face of evolving cyber threats.
• Economic Crime Prevention: Cyber threats in banking encompass various forms of economic crimes, including fraud, money laundering, and illicit financial activities. Proactively addressing cyber threats helps prevent these crimes, safeguarding the integrity of the financial system and protecting the economy from illicit activities.
• Innovation and Digital Transformation: The banking industry is undergoing rapid digital transformation, with increased reliance on online and mobile banking platforms, fintech solutions, and digital payment systems. Addressing cyber threats is essential for fostering innovation and enabling secure digital transactions, thereby facilitating the growth of the digital economy.

Overall, addressing cyber threats in banking is critical for preserving financial stability, protecting customer data, maintaining trust and reputation, ensuring regulatory compliance, ensuring continuity of operations, preventing economic crimes, and fostering innovation in the digital era.

Objective of the Research Paper

• Identify and categorize the different types of cyber financial fraud and scams prevalent in the banking sector, such as phishing attacks, account takeover fraud, identity theft, malware-based attacks.
• Analyze the techniques and strategies employed by cybercriminals to execute financial fraud within the cyber world, including exploiting vulnerabilities in banking systems and employing sophisticated tactics to evade detection.
• Investigate the role of technology and regulatory frameworks in combating cyber financial fraud, including the implementation of multi-factor authentication, advanced fraud detection systems, encryption and tokenization techniques, and compliance with regulatory guidelines.

The research paper aims to provide a comprehensive understanding of the challenges posed by cyber financial fraud in the banking sector and propose practical recommendations for mitigating these risks and safeguarding financial systems in the digital age.

Types of Cyber Financial Fraud and Scams

• Phishing Attacks Phishing involves sending deceptive emails to users, falsely claiming to represent a legitimate organization, with the intention of tricking recipients into divulging sensitive information for identity theft purposes. The email typically prompts users to visit a fraudulent website where they're asked to update personal details like passwords, credit card numbers, social security numbers, and bank account information, which the legitimate organization already possesses.
  
  However, the website is a sham, designed solely to extract users' information. By sending these emails to large numbers of people, phishers rely on a percentage of recipients having legitimate credit card details listed, thus increasing the likelihood of successful data theft. Section 66C of the IT Act penalises any offender committing phishing-related activities. It provides that anyone who fraudulently uses an electronic signature, password or any other unique identification feature of any other person is punishable with imprisonment of up to three years and a fine of up to rupees one lakh.
   
• Cyber Fraud Cyber fraud, as implied by its name, encompasses fraudulent activities carried out using computers or the internet. Any individual who dishonestly exploits the internet to deceive others, unlawfully acquire personal data, or engage in deceptive practices with the aim of monetary gain is considered a cyber fraudster. Examples of cyber fraud include sending deceptive emails containing false invoices or impersonating official email addresses to trick recipients. While there may not be a specific legal classification for cyber fraud, it falls under the purview of Section 420 of the Indian Penal Code (IPC), which addresses cheating. According to this section, individuals found guilty of cyber fraud can face imprisonment for up to seven years along with a fine.
   
• Spyware Spyware, categorized as a form of malware or malicious software, operates surreptitiously upon installation, accessing and manipulating another person's device without the user's consent. The main objective of spyware is to illicitly obtain sensitive information such as credit card numbers, passwords, and One-Time Passwords (OTPs). Under Section 43 of the IT Act, individuals found guilty of deploying spyware to compromise the integrity of another person's computer system or device without authorization are subject to penalties. This section stipulates that if an individual damages or interferes with the computer or system of another person without consent, they are liable to compensate the affected party for damages incurred.
   
• Salami Attack Salami attack is a tactic employed by hackers to pilfer money in small increments, aiming to go unnoticed by victims. There are two primary types of Salami attacks: Salami slicing and Penny shaving. In Salami slicing, the attacker accesses an online database to acquire customer information, including bank or credit card details. Subsequently, the attacker deducts tiny amounts from multiple accounts over time. While each deduction appears insignificant, the cumulative effect results in substantial sums being surreptitiously siphoned from the accounts. Under Section 66 of the IT Act, individuals found guilty of perpetrating a Salami attack are subject to punishment. This may include imprisonment for up to three years, a fine of up to 5 lakhs, or both, depending on the severity of the offense.
   
• Identity Theft Identity theft occurs when an individual's personal information is unlawfully acquired and used by another person to impersonate them for fraudulent purposes. Recently, a social media user shared an experience where they received an email purportedly from their boss' account, requesting a significant sum to be transferred to a client's account. Without verifying the authenticity of the request, the user transferred the amount, unknowingly falling victim to identity theft and subsequent financial fraud. This incident serves as a clear example of identity theft in action.
   
• Cyber Theft Cyber theft, a form of cybercrime, entails the unauthorized access of personal or other sensitive information through the internet. Cybercriminals perpetrate this crime with the aim of acquiring confidential data such as passwords, images, and phone numbers, which they then exploit to extort a significant sum of money. Additionally, cyber theft encompasses the unlawful transmission of copyrighted materials, trademarks, and other intellectual property over the internet. Various methods, including hacking and email/SMS spoofing, are employed to carry out cyber thefts. One notable case related to cyber theft in India is Yahoo!, Inc. v. Akash Arora (1999). In this instance, the defendant was accused of utilizing the trademark or domain name 'yahooindia.com.' The Court issued a permanent injunction under Order 39 Rules 1 & 2 CPC in favour of the plaintiff. Under the IT Act, data theft is defined under Section 43(b) as the unauthorized downloading, copying, or extraction of any data, computer database, or information from a computer, system, or network without the owner's permission. As for cyber theft, specifically identity theft, punishment is prescribed under Section 66C of the IT Act. Offenders may face imprisonment for up to three years and/or a fine of up to Rs 2 lakhs.

Modus Operandi of Cyber Criminals

In general, modus operandi is the method acquired by any criminal for the successful commission of a crime. The modus operandi is the principle that a criminal is prone to employing the same method consistently, and any analysis or documentation of that method utilized in each serious crime can serve as a means of identifying a specific crime. At a minimum, every Modus Operandi will contain three


Exploitation of vulnerabilities in banking system:
A study conducted in 2018 revealed that every online bank was susceptible to unauthorized access to sensitive bank information and clients' personal data, with 54% of online banks being vulnerable to fraud and theft. Attackers could exploit various vulnerabilities to gain unauthorized access to clients' personal data and, in certain instances, sensitive bank information like account statements and payment orders.

It was found that all online banks analysed had at least one vulnerability that facilitated such access. This threat is particularly pertinent to applications with flaws in their authentication and authorization mechanisms. Developers of online banking platforms often make mistakes in implementing single sign-on (SSO) based on the OAuth 2.0 protocol, leading to the interception of credentials transmitted via an insecure protocol and potential session hijacking by malicious actors.[7]

Banking trojans exploit a range of vulnerabilities within financial systems to execute their malicious operations. Among the most prevalent tactics utilized by these trojans is the application of social engineering techniques to deceive users into unwittingly installing the malware. For instance, trojans often disguise themselves as authentic applications or software updates, enticing users to initiate their download and installation. Upon installation, these trojans can illicitly access sensitive user data, including login credentials and financial transaction information.

Sophisticated tactics for evading detection by attackers:
The five major evasion techniques are:

1. Signature-based evasion Techniques
   Signature-based evasion Techniques involve altering the characteristics of malicious software to avoid detection by security solutions that are based on and rely on predefined signatures or patterns. These evasion techniques are employed by cybercriminals to bypass traditional antivirus and intrusion detection systems. Here are the various kinds of malware that this category of techniques helps detect.
   
   Polymorphic and metamorphic malware
   Traditional signature- based antivirus programmes can't detect and block this malware effectively. Polymorphic malware can change its code or appearance everytime it infects a new system, and metamorphic malware takes this concept a step further by also modifying its underlying code. This evasion technique involves altering the malware's structure or encryption method, which relies on identifying specific patterns within the malware's code. It creates numerous unique variants that evade static signature- based detention.
    
2. Behaviour-based evasion Techniques
   To evade detection by security systems that rely on recognising unusual or malicious behaviour, behaviour- based evasion techniques involve altering the actions and characteristics of malware. These evasion techniques aim to bypass behaviour signature-based detention by focusing on dynamic analysis and anomalous activities.
   
   Sandbox Detection
   Sandbox detection in malware involves the use of behaviour- based evasion techniques to identify if the malware is running within a controlled environment. Malware equipped with sandbox detection mechanisms can detect the presence of certain attributes or behaviours associated with such environments, like specific file paths, registry entries, or network configurations, upon detection, the malware may alter its behaviour, delay malicious actions, or stay dormant to evade analysis.
    
3. Anti-analysis Technique
   Anti- analysis techniques are strategies employed by malware authors to impede the efforts of security researchers, analysts, and automated systems attempting to analyse and understand malicious software. These techniques make it more difficult to uncover the true intent and behaviour of malware, ultimately hindering effective defence and response.
    
4. Process Injection Techniques
   Strategies used by malware to insert their malicious code into legitimate processes running on a compromised system are known as process injection techniques. This enables malware to evade detection, leverage the privileges of the targeted process, and execute its malicious activities under a trusted application guise.
    
5. Fireless malware Techniques
   Fireless malware refers to malicious code that operates entirely within a computer's memory, without leaving a trace on the filesystem. This evasion technique allows malware to avoid detection that focus on detecting and analysing files.[8]

Impact of Cyber Financial Fraud

• Financial losses incurred by Banks and Customers Financial losses can severely damage a bank's reputation and erode customer confidence over the long term. According to recent research by Accenture, 36% of banking customers who fell victim to cybercrime reported a loss of trust in their bank. Among these customers, 65% expressed willingness to switch to another financial institution.
  
  This underscores the criticality of robust cybersecurity measures in not only minimizing financial losses but also in preserving customer trust. Additionally, indirect costs such as operational disruptions, reputational harm, legal fees, and regulatory fines further underscore the importance of effective cybersecurity practices.
   
• Customer trust and reputation damage One of the primary repercussions of cybercrime within the banking sector is the erosion of trust and confidence in financial institutions. Customers entrust banks with safeguarding their personal and financial information, and any breach of this trust can severely damage the institution's reputation.
  
  Moreover, the apprehension surrounding cybercrime may dissuade prospective customers from engaging with banking services, resulting in revenue loss for the industry. Hence, addressing cybercrime in the banking sector necessitates prioritizing initiatives aimed at fostering and upholding trust and confidence among customers. Reputational harm stands out as a pivotal consequence of cybercrime within the banking sector. A notable instance is the 2017 Equifax data breach, which compromised the personal details of more than 150 million clients, leading to substantial reputational damage and costly litigation for the company. Banks encounter analogous risks, with the potential repercussions on customer trust and reputation being profound. Hence, it is imperative for banks to allocate resources towards cybersecurity initiatives aimed at mitigating these risks.
   
• Psychological and emotional toll on victims It is crucial to acknowledge that certain types of cybercrime can result in multifaceted victimization. For instance, while the immediate impact of online fraud may seem financial in nature, research by Button et al. (2014) indicates that victims may also suffer adverse effects on their mental and physical well-being, as well as on their personal relationships.
  
  Whitty and Buchanan argue that individuals targeted by online dating romance scams experience a 'double blow', as they not only endure financial losses but also grapple with the emotional toll of losing a relationship. Buchanan and Whitty's (2014) survey revealed significant variations in the levels of emotional distress reported by victims, with instances where emotional distress was high even in the absence of financial loss.
  
  Further exploration through in-depth interviews with a select group of victims unveiled that those who had fallen victim to online romance scams expressed greater distress over the loss of their relationship than the monetary loss itself. Moreover, the lack of social support exacerbated their distress, with some victims reporting feelings of anger and blame from their family and friends.
  

Technology and Regulatory Measures for Mitigation

Combating Fraud with Technology solutions

• The Reserve Bank of India (RBI) has implemented the Legal Entity Identifier (LEI) system to address the issue of dubious individuals siphoning off large sums of taxpayer money through complex webs of companies across various geographical locations, making it challenging to monitor such transactions. The primary objective of LEI is to detect and prevent banking fraud. RBI has mandated a phased rollout of LEI for all Indian bank borrowers, with entities lacking an LEI code after a certain date being ineligible for credit facility renewal or enhancement. LEI is a unique 20-digit global reference number that uniquely identifies a company, and it is widely recognized as a crucial measure for enhancing the accuracy and quality of financial data to facilitate better risk management.
   
• In the realm of due diligence, banks must consider a multitude of factors before extending loans to individuals or businesses. One key preventive measure involves scrutinizing applicants' public records to assess their creditworthiness. Financial institutions can also analyse the financial behaviour and patterns of entities or individuals. Tax filings, including Income Tax Returns (ITR) or Goods and Services Tax (GST) filings, serve as valuable indicators of an entity's business health and legitimacy. The absence of GST or ITR data should raise concerns for lending institutions, as it could signal potentially fraudulent activity.
   
• Furthermore, banks can employ advanced technologies such as Artificial Intelligence (AI) and Machine Learning (ML) to enhance their operations. However, leveraging these technologies effectively requires a thorough understanding and analysis of the data collected over time. Financial institutions should develop or integrate sophisticated fraud prediction models to proactively identify irregularities and flag suspicious applicants.
   
• Effective governance, non-interference from political entities, robust internal and external auditing processes, stringent authentication protocols, continuous transaction monitoring, promoting fraud awareness, and adherence to RBI guidelines for reporting malpractices are among the measures that banks should implement to combat fraud.
   
• The rise in fraudulent activities and the challenges faced by auditors in detecting them have led to an increased demand for forensic accountants. Forensic accountants play a pivotal role in detecting fraud through specialized procedures and methodologies. Organizations must establish robust anti-fraud policies to differentiate between fraud and malfeasance. It's imperative to maintain a zero-tolerance policy towards fraudulent activities across all levels of the organization.

Strategies for Enhancing Cybersecurity Resilience

A cyber resilience strategy is a thorough blueprint comprising crucial steps to recognize, address, and rebound from cyber threats. It considers the wider scope of cybersecurity, aligning with the goals, risk thresholds, and regulatory mandates of your organization. Unlike a cyber resilience framework, it offers a strategic methodology to fortify resilience against cyberattacks.

• Cyber security awareness programs Organise cyber security related awareness programs through which people who have less knowledge about cyber security it helps them to understand the issues related to Cyber-crimes. Cybersecurity is a shared responsibility and we each have a part to play.
  
  When we all take simple steps to be safer online- at home, in the workplace, and in our communities- it makes using the Internet a more secure experience for everyone. This Program is part of an unprecedented effort among federal and state governments, industry, and non-profit organizations to promote safe online behaviour and practices. It is a unique public-private partnership, implemented in coordination with the National Cyber Security Alliance.
   
• Continuous monitoring and threat intelligence sharing Threat intelligence pertains to the collection and evaluation of data concerning security threats within the context of cybersecurity, serving as a proactive measure for threat management. This real-time data encompasses information on specific external threats or threat actors.
  
  It also includes identification of digital risk vulnerabilities within systems that could potentially be exploited. Moreover, threat intelligence encompasses knowledge of known malware, viruses, code, or exploits, whether they are in development or have been utilized in past attacks. Additionally, it encompasses information that aids analysts within organizations in identifying a breach once it has occurred.
  
  The extensive range covered by threat intelligence analysis is closely linked to the evolving threat landscape confronting organizations today. Cybersecurity has undergone rapid transformations in how threats are evaluated and countered. Presently, organizations encounter security threats that are increasingly persistent and sophisticated. In reaction to this, security teams have had to continuously adjust to a constantly changing array of external threats confronting organizations.
   
• Investment in cutting-edge cybersecurity technologies In the realm of cybersecurity, cutting-edge technology denotes state-of-the-art technologies and methodologies designed to safeguard digital assets, systems, and sensitive data from security threats. This technology is closely intertwined with cybersecurity, as it undergoes continuous updates and enhancements.

Case Studies and Real-life examples:

• CBI v. Arif Azim (Sony Sambandh case)[10]
  The website www.sony-sambandh.com facilitated NRIs in sending Sony products to their friends and relatives in India after online payment.
  
  In May 2002, an individual using the name Barbara Campa logged into the website and placed an order for a Sony Colour TV set and a cordless telephone for Arif Azim in Noida, paying through a credit card. However, the credit card agency later informed the company that the payment was unauthorized, as the real owner denied making such a purchase.
  
  Subsequently, a complaint was lodged with the CBI, and a case was registered under Sections 418, 419, and 420 of the Indian Penal Code, 1860. Investigations revealed that while working at a call centre in Noida, Arif Azim gained access to Barbara Campa's credit card details, which he then misused. Arif Azim was convicted by the Court, but due to his young age and first-time offense, the Court showed leniency. He was released on probation for a year. This case is considered a landmark in Cyber Law as it demonstrated that the Indian Penal Code, 1860 can be effectively utilized in cases where the IT Act is not comprehensive enough.
  
  In the case of Poona Auto Ancillaries Pvt. Ltd. v. Punjab National Bank, HO New Delhi & Others [11], Rajesh Aggarwal from Maharashtra's IT department (acting as the representative) directed Punjab National Bank to compensate Manmohan Singh Matharu, Managing Director of Pune-based company Poona Auto Ancillaries, with Rs. 45 lakhs.
  
  The fraud occurred when an impersonator transferred Rs. 80.10 lakh from Matharu's account at PNB, Pune, after he fell victim to a phishing email. Despite the victim's role in responding to the phishing email, the bank was deemed negligent for failing to conduct security checks on fraudulent accounts created to deceive the victim.
   
• CISCO
  In May 2022, Cisco, a multinational digital communications company, detected an intruder within their network. An internal investigation revealed that the attacker had executed a series of sophisticated voice phishing attacks to gain access to a Cisco employee's Google account. Since the employee's credentials were synced in a browser, the attacker could easily infiltrate Cisco's internal systems.
  
  Upon gaining initial access, the attacker attempted to remain undetected within Cisco's network and escalate their level of access. However, Cisco's security team successfully expelled the attacker from the network. Subsequently, the ransomware gang Yanluowang published leaked files on their website. Cisco stated that this breach did not impact their business operations.
  
  In 2015, a technology company reported a loss of $46.7 million due to cyber theft. Fraudsters posed as a company lawyer overseeing an acquisition, convincing the company to transfer funds to an offshore account in Hong Kong. The fraud was discovered months later when the FBI alerted company officials to the wire fraud. The company was able to halt some transfers and recover $16.7 million.

Conclusion
In conclusion, the paper sheds light on the alarming rise of cyber financial fraud and scams in the banking sector. The evolution of cybercrime poses significant challenges to financial institutions, individuals, and the overall economy. It is evident that combating these threats requires a multi-faceted approach, including robust cybersecurity measures, continuous security awareness training, and effective regulatory frameworks.

Collaborative efforts between the public and private sectors are essential to stay ahead of cybercriminals and protect financial systems from malicious attacks. Despite the challenges, there is hope that with proactive strategies and technological advancements, the financial sector can mitigate the risks posed by cyber threats and safeguard the integrity of financial transactions.

We have learnt from these cyber security incidents that Awareness serves as the primary defence, Security awareness training can educate employees on recognizing and evading phishing emails, suspicious links, malware-carrying attachments, and fraudulent requests for sensitive information or fund transfers. However, training must adapt to the changing tactics of fraudsters; conducting phishing drills and other real-time simulations of attacks can help maintain users' vigilance.

Recommendations
Implement Strong Authentication Measures: Use multi-factor authentication for accessing financial accounts and sensitive information. This adds an extra layer of security beyond just a username and password.

• Regular Security Audits: Conduct regular audits of your security systems and processes to identify and rectify vulnerabilities.
• Employee Training: Provide regular training to employees on recognizing phishing attempts, social engineering tactics, and other cyber threats.
• Update Software: Ensure that all software and systems are regularly updated with the latest security patches and updates.
• Use Encryption: Encrypt sensitive data both in transit and at rest to protect it from unauthorized access.
• Incident Response Plan: Develop and maintain an incident response plan to quickly address and mitigate the impact of any cyberattacks.
• Monitor Financial Transactions: Continuously monitor financial transactions for any signs of unauthorized or suspicious activity.
• Collaborate with Industry Partners: Work with industry partners, law enforcement, and cybersecurity organizations to share information and best practices for combating cyber financial fraud.
• Compliance with Regulations: Ensure compliance with relevant regulations and standards related to cybersecurity in the financial industry.
• Backup Data Regularly: Regularly backup important data and ensure backups are stored securely to protect against data loss due to cyberattacks.

By implementing these recommendations, financial institutions can significantly reduce their risk of falling victim to cyber financial fraud.

End Notes:

1. Reserve Bank of India, Report: Cyber Security Framework in Banks (Reserve Bank of India, 02-06-2016). URL: [1] Reserve Bank of India, Report: Cyber Security Framework in Banks (Reserve Bank of India, 02-06-2016).
2. The Information Technology Act, 2000 (Act 21 of 2000). URL: [2] The Information Technology Act, 2000(Act 21 of 2000).
3. The Indian Penal Code, 1860 (Act 45 Of 1860). URL: [3] The Indian Penal Code, 1860 (Act 45 Of 1860).
4. The Information Technology Act, 2000 (Act 21 of 2000). URL: [4] The Information Technology Act, 2000(Act 21 of 2000).
5. The Information Technology Act, 2000 (Act 21 of 2000). URL: [5] The Information Technology Act,2000(Act 21 of 2000).
6. 1999 IIAD Delhi 229, 78 (1999) DLT 285. URL: [6] 1999 IIAD Delhi 229, 78 (1999) DLT 285.
7. Khrais LT, "Vulnerabilities of Online Banking System" 20 JIBC 1 (2018). URL: [7] Khrais LT," Vulnerabilities of Online Banking System" 20 JIBC 1(2018).
8. Saanchi Gupta Ghosh, "Top Five malware detection evasion techniques in 2023" India Times, Sep 22, 2023. URL: [8] Saanchi Gupta Ghosh, "Top Five malware detection evasion techniques in 2023" India Times, Sep22, 2023.
9. Ratchana R, "Mitigating and reducing Banking Frauds with Recent Developments in Technology" The Times of India, Nov 23, 2022. URL: [9] Ratchana R, "Mitigating and reducing Banking Frauds with Recent Developments in Technology" The Times of India, Nov 23,2022.
10. CBI v. Arif Azim (2013). URL: [10] CBI v. Arif Azim (2013).
11. Poona Auto Ancillaries Pvt. Ltd. v. Punjab National Bank, HO New Delhi & Others, Telecom Dispute Settlement, May 21, 2018. URL: [11] Poona Auto Ancillaries Pvt. Ltd. v. Punjab National Bank, HO New Delhi & Others, Telecom Dispute Settlement, May21, 2018.