YFLO Hyderabad, under the leadership of Chairperson Pallavi Jain, hosted a cybersecurity session, Cyber Safe, for 30 students of Pallavi International School. The session was led by speaker Rakshit Tandon. The workshop focused on the growing threat of cybercrime in India, highlighting its financial impact and various forms of cyberattacks, including AI-driven deepfakes, sophisticated scams, and malicious software. The session also covered government cybersecurity initiatives and comprehensive advice on personal and digital security.
Key Learnings/Takeaways
- Financial Impact and Reporting: India’s financial losses to cybercrime saw a 206% increase from 2023 to 2024, with ₹22,845 crores lost. The recovery rate for these losses is only about 24%. Fast reporting is critical, as 70-80% recovery is possible if reported on the same day, while delayed reporting results in poor recovery rates.
- AI and Scams: AI-driven deepfakes and voice cloning are used in sophisticated scams, such as fake investment platforms promoted with celebrity endorsements. Noteworthy cases include a Bangalore IT professional who lost ₹95 lakhs to a PM Modi deepfake video and a company MD who lost ₹7 crores in a “digital arrest” scam. Romance scams, which use deepfake video calls and fake families, often target victims through matrimonial sites.
- Malware and Social Engineering: Malicious Android Package Kits (APKs) are a common threat, distributed through fake traffic challan, bank KYC update, and electricity bill notifications. The SluBot malware can spread to an entire contact list from an infected device.
- Password Security: A major data breach in June 2025 leaked 6 billion passwords from platforms like Apple, Facebook, and Google. The government’s CERT-IN issued an advisory recommending immediate password changes. Weak passwords, such as dates of birth and anniversary dates, are used by 90% of users. Enhanced security measures like Multifactor Authentication (MFA) and passkeys are recommended to combat this.
- Government Initiatives: New initiatives have been introduced to enhance cybersecurity. The SMS Authentication System tags legitimate messages with suffixes like (-S) for service or (-G) for government, while unmarked messages indicate potential fraud. The Sanchar Sathi Portal allows users to check all numbers registered in their name and report stolen devices.
- Device and Digital Safety: It is critical to never install APK files from any source. For financial security, users should only use SEBI/BSE approved platforms and enable card transaction controls to lock/unlock specific transaction types. DigiLocker should be used for all official documents to protect sensitive data.
Conclusion
The Cyber Safe workshop provided a comprehensive overview of the escalating cyber threats facing individuals and businesses in India. The session effectively highlighted the critical need for digital literacy and proactive security measures. By understanding the mechanisms behind deepfake attacks, investment scams, and malware, and by implementing enhanced security protocols like MFA, individuals can significantly mitigate their risk.
The workshop also underscored the importance of leveraging government resources like the Sanchar Sathi Portal and the 1930 helpline for reporting fraud, emphasizing that quick action is the key to minimizing financial losses. The insights shared by the speaker, Rakshit Tandon, serve as a crucial reminder for everyone to be vigilant and security-conscious in the digital age