The New Web: How Cyber Crime Now Wears Many Masks

The New Web: How Cyber Crime Now Wears Many Masks

From phone calls to phishing links, from social media traps to online shopping frauds, cyber crime has outgrown its old skin and now preys on the smartest minds. In 2010, cyber crime had a familiar voice. Quite literally. It came through phone calls, an unknown number, a panicked voice claiming to be from a bank or a telecom service. The scam was simple. “Your SIM card will be blocked,” or “Your bank account needs verification.” With a few misled keystrokes and an OTP shared in panic, people found their accounts emptied before the call ended. Back then, it was mostly the elderly or less tech-savvy who were targeted. But today, the story is very different.

In the digital age, cyber criminals have evolved far beyond the old tricks of basic scams and spelling errors. Today’s cyber frauds are sophisticated, psychologically crafted, and technologically advanced and ironically, it is the educated and intellectual section of society that is becoming a primary target. While one might assume that a higher level of education protects individuals from falling for such scams, the reality reveals a different picture.

Cyber police units across India report that in over 65% of digital fraud cases, victims don’t report the crime either out of embarrassment or the belief that nothing can be done. Moreover, scammers are using VPNs, fake IPs, and international server chains, making it difficult to trace them. Many operations originate from cybercrime hubs across borders, often working in teams with specific roles: coders, psychologists, callers, and money mules.

Now let’s have a look how cyber crime has evolved now and what are the basic things you need to be aware of being exposed to the digital world.

Too Smart to Be Fooled? Think Again!

By 2025, cyber criminals have evolved and so have their methods. The frauds have spread their roots into every digital platform we use. From social media and mobile apps to email inboxes, e-commerce sites, even fake customer care portals nowhere is safe anymore. And the victims? Not just the uninformed, but judges, doctors, IAS officers, engineers, and police personnel, the very people who were once considered too smart to be fooled.

The modern cybercriminal doesn’t always need brute-force hacking tools. They rely on human error, trust, and urgency. Whether it’s a limited-time deal, a panic-inducing message, or an emotionally crafted appeal, the goal is to get you to act without thinking.

Cybercriminals are essentially manipulating the brain’s fight-or-flight response. When people are presented with a message that triggers fear or urgency, like “Your account will be frozen in 30 minutes” their rational thinking takes a back seat. They react instead of reflecting. That’s exactly what the scammers want. Interestingly, it’s often the educated and tech-savvy individuals who fall prey. Why? Because with greater digital engagement comes greater exposure. They shop online, invest, attend webinars, store data on the cloud, and rely heavily on digital banking. Ironically, their confidence in navigating the digital space often makes them less cautious and more likely to take impulsive actions.

The educated brain can sometimes overestimate its ability to detect deception. This cognitive bias called the ‘illusion of invulnerability’ leads people to believe they’re too smart to be fooled. In that moment of urgency or emotional trigger, the brain shifts into autopilot, ignoring red flags in favor of quick resolution. At that point, the brain enters a state of cognitive overload, a mental fog where decision-making is impaired. The victim’s focus narrows, emotions spike, and analytical thinking gets clouded by the need to act immediately. This is precisely the psychological window cybercriminals exploit. It’s not about intelligence. It’s about how the brain processes threats under pressure. Even the smartest minds can get tricked if they’re caught off-guard emotionally.

And after the damage is done, many victims hesitate to report the crime, grappling with shame, denial, or the belief that nothing can be done. This silence not only protects the scammer but allows such crimes to proliferate.

Odisha Fights Back as Cyber Cons Surge 400%

According to the sources in 2025, the Odisha Cyber Security Cell has undertaken a series of strategic initiatives to bolster the state's defense against the escalating threat of cybercrime. Recognizing the 140% surge in cyber fraud complaints in 2024, with a staggering 43,740 incidents reported in 2024, more than double the 18,081 cases recorded in 2023. The alarming figures were revealed in the state assembly on Mar 10, 2025 through a written reply by Chief Minister Mohan Charan Majhi to a question raised by BJD MLA Ranendra Pratap Swain. According to the data, the financial impact of these cyber frauds has crossed ₹415.90 crore in 2024, a dramatic spike of over 400% compared to ₹79.66 crore in 2023. This sharp increase highlights the growing sophistication and scale of cybercriminal activities in the state.

Out of the total fraud complaints registered through the National Cybercrime Reporting Portal (NCRP), including the helpline number 1930, police were able to recover ₹39.42 lakh for the victims. Financial institutions also managed to freeze around ₹3.5 crore in response to complaints, preventing further losses. The trend continues to worsen in 2025, with the month of January alone witnessing 4,314 complaints involving a total fraud amount of ₹41.86 crore. These early numbers suggest a continuing surge in online scams and financial frauds. Law enforcement agencies registered 1,553 cybercrime cases linked to financial fraud in 2024 and arrested 191 individuals, including two women. In comparison, the previous year saw 1,362 such cases, with 163 arrests, including eight women.

The state government has prioritized the expansion and modernization of its cyber infrastructure. A significant development is the establishment of 20 new Cyber Crime & Economic Offences (CC&EO) police stations, ensuring that each district in Odisha is equipped with a dedicated cyber police unit. This expansion complements the existing 14 cyber police stations, enhancing the state's capacity to address digital offenses effectively. To support these units, the government has invested in advanced cyber forensic tools, including Cyber X-Ray, mobile forensics, email analyzers, DVR examiners, Crime OS, and IQT. These tools are instrumental in the collection and analysis of digital evidence, facilitating the apprehension of cybercriminals and the recovery of fraudulent assets.

In a move to enhance public accessibility to cybercrime reporting, the state has launched the 1930 Cyber Crime Helpline Call Centre. This center, equipped with ten dedicated lines, provides assistance to individuals facing cyber threats or falling victim to online crimes citeturn0search6. Additionally, specialized units like the Children & Women Online Abuse Monitoring Unit (CWOAMU) and the Cyber Investigation Support Team (CIST) have been established to address specific categories of cyber offenses. Educational initiatives have also been a focal point. 

The National Informatics Centre (NIC) Odisha observed Safer Internet Day on February 11, 2025, conducted workshops across 43 venues, including educational institutions like Sathya Sai College for Women and BJB Junior College in Bhubaneswar. These workshops, attended by over 5,466 participants, aimed to raise awareness about cyber threats, fraud prevention, and digital hygiene. The state has also hosted the "Cyber Surakshit Odisha" conference in December 2024, focusing on disseminating information about Zero Trust Cyber Security practices. The event provided a platform for interaction among government policymakers, cybersecurity professionals, and service providers, emphasizing the importance of a robust cyber ecosystem. These comprehensive measures underscore Odisha's commitment to creating a secure digital environment, safeguarding its citizens against the evolving landscape of cyber threats. 

Real Stories of Cyber Fraud Victims in Odisha

Data Entry, Money Exit

Akashdeep Sahoo an IT trainer from Keonjhar once has fallen into the trap of online part-time jobs. While explaining his story with us, he said to My City links, “In the year 2022, although I was doing a decent job in an IT farm, I was always looking for some 2nd source of income. An opportunity came to me through an online site, where they were offering data entry jobs with remote working options. So I thought of giving it a try. Before I could reach them they called me up, I don’t know maybe they got my phone number as I logged in into their website. They gave me sample work for data entry as a test. 

I completed the test and they again called me saying that I have performed well but there are 15% errors in it. To remove that error and make my profile strong they asked me to pay Rs. 15,000, which will be refunded later. As I was interested in the opportunity I paid for it. Then again they asked to pay me Rs. 25000 more as a security deposit, which will also be refunded as they said. I knew a few of my friends who were working in the data entry field and they have also given security deposits. So without any doubt I paid the amount. So in total I paid them Rs. 40,000. Then they also demanded more money. That's when I realised that I am being fooled but it was late already as I have lost my money. I have filed a complaint against this to the cyber cell. But till now I have not got my money back.”

“Now that I am aware of all this I have scammed the scammers recently when they asked me to pay Rs. 50 per google review. After reviewing 3-4 times I have got Rs. 150, sometimes even more like Rs. 250, but when they ask to deposit Rs. 2000 to get more review work, I simply step out. I know in this way I may not get my Rs. 40,000 back, but it gives me self satisfaction to sometimes scam these scammers,” he added.

When an Apple a Day Took ₹10K Away

Subhasish Ratha a Graphic designer from Cuttack was once surfing Instagram on his mobile phone, when he got a dm with a link to buy an Iphone 13 with Rs. 1999 only. He said, “Out of curiosity I opened the link and there was an advance payment request of only Rs. 199. So I paid for it and again in the name of other additional charges they took around Rs. 10,000 from me phase by phase. I was so mad about the Iphone during that period that  I just couldn't sense anything wrong. They even provided me clips of my parcel being ready to reach me, so somehow they gained my trust upon them. After realising the fact that I have lost my money to cyber fraud I filed a complaint at the Cyber Police station, the police personnel have cooperated with me and I have visited them several times but unfortunately I got nothing.”

A Statue for Love, A Swipe for Loss

It was Bibhuti Sahoo, a Lecturer’s 6th marriage anniversary in January 2025 and he was searching for a special gift for his wife when he came across a video on Facebook. He said, “The video showed miniature 3D sculptures of couples together at a very affordable price. So I opened the Facebook page and got a whatsapp business number from there. While chatting with that whatsapp number it seemed like I was talking to a genuine startup owner or maybe the fraud was playing his game very well. For an 8 inch 3D miniature statue of me, my wife and my son together, he asked me to pay Rs. 999, but I insisted on giving cash on delivery. Then he told me that there have been cases where they have made sculptures and the customer refuses to pay or take it. As this is a personalised product obviously no other buyer will buy this. In this way he convinced me to pay the full amount in advance. After that I kept on asking when the product would reach me for about 15- 20 days, but he kept on saying very soon. But it never happened and after a few days all his Facebook page, whatsapp and everything just vanished. Maybe he blocked me.”

“There was one of my friends who works in the cyber crime control department so I told him the matter. He simply replied that for only Rs. 999, you have to take a hell lot of headache while coordinating with police and finding out the culprit as there are more cases of huge amounts of money being stolen online. So I just forgot about it and found another suitable gift for my wife on our anniversary day,” added Bibhuti.

Nude Call, Rude Shock

For a 25 year old corporate employee Rahul Das from Bhubaneswar, a nightmare came into his life in the year 2023. He said, “It was 11 pm in the night and I was alone at my home watching a movie on my mobile phone, when I got a video call in Whatsapp. It was from an unknown number and I shouldn't have picked it up. But when you are alone at home somehow you feel like the king and you can do anything, so just being ignorant about the consequences I picked it up and suddenly I am seeing a nude girl on the other side. Before I could think of anything, she hung up and suddenly I got a screenshot captured during the call. As my face was there, she blackmailed me and demanded Rs. 25,000. It felt like the ground gave way beneath my heel. When I talked about this with my friends, all of them suggested that I shouldn’t give her the money and just ignore it. I did the same but after a few days my elder brother showed me the screenshot and asked about it. She has sent that screenshot through messenger to my elder brother. But my elder brother was well aware of all this so he made me calm down and assured that she can do nothing. I just blocked the number and that’s how I got out of it.”

Remote Access, Real Loss

In December 2021, a marketing executive Saachi Kaur from Bhubaneswar received what seemed like a legitimate message from PhonePe. The text claimed she had won ₹5,000 as part of a special offer for being a premium customer. It urged her to click a link to claim the reward, and to enter her passcode for verification. It looked official enough to convince her. She said, “As I followed the instructions, I was prompted to enter my PhonePe passcode. Moments later, I noticed ₹5,000 had been debited from my account, not credited, as promised. In panic I reached out to the number mentioned in the message. The person on the other end reassured me that it was just a verification step and asked me to install an app called Any Desk, saying he would guide me through the process."Trusting him, I downloaded it. What I didn’t realize was that Any Desk is a remote access app, once I installed it and allowed permissions, the scammer could see my screen in real time. While I was still confused and trying to understand what was happening, he watched as I entered my passcode again.”

“Within minutes, another ₹20,000 was withdrawn from my account. That’s when I knew I’d been scammed. I immediately contacted PhonePe’s customer care and the cybercrime branch. They confirmed that the message and the link I had clicked on were not from PhonePe, and the person who guided me was a fraudster exploiting remote access to steal sensitive information. I had lost ₹25,000 in total. The first thing I was advised to do was to delete all suspicious apps, especially Any Desk, and reset my passwords. I also learned to never share my passcode or download remote access tools at the request of strangers, no matter how convincing they sound,” she added.

High Traffic, Low Response

Subhasis Bisoi, a social media analyst, has fooled the scammers many times. He said, “I can’t say about a single scam as I have come across frauds many times. From Facebook to whatsapp, from phone calls to fake emails, I have seen almost every kind of them. I feel after so many initiatives have been taken and there have been awareness messages being heard even when you call someone, there are still complaints about cybercrimes not being addressed properly in the state. He said, “Even the helpline numbers provided are not as active as they should be. Including the helpline number 1930, there are few other contact numbers 7077798111 & 1800-4191-813 on the official website of the  CyberCrime portal of the Odisha govt. Are not working properly. The reason may be due to the high traffic in those lines as the cyber cases are rising. Here the question arises when the criminals are reaching out their target victims so easily and at the same time why the passage between the victim and the Cyber Crime department is not smooth yet? So it would be our humble request to the state govt. of Odisha to take this on a serious note and work on this as soon as possible. Especially when cyber crime cases are rising at a rapid speed and we all know how much we spend on our smartphones, how much we are dependent on this in the era of digital India.”

Beyond the Call: The Many Faces of Modern Fraud

Social Media Scams

These scams are effective because users often trust messages or posts that appear to come from friends, influencers, or legitimate brands. Creating fake profiles is easy, and scammers can reach thousands of users at minimal cost. Additionally, many social media users lack awareness about the red flags of online fraud, making them easy targets for manipulation.

Here are a few common types of social media scams.

1. Phishing Scams

Scammers send fake messages claiming to be from trusted sources, like banks or social media platforms, tricking users into clicking malicious links. For example, a user might receive a DM stating, “We noticed suspicious login activity on your account. Click here to secure it.” Clicking the link leads to a fake login page designed to steal the user's credentials.

2. Romance Scams

In romance scams, fraudsters pretend to be romantically interested and slowly build emotional connections. Once trust is established, they request money for fabricated emergencies. For instance, a scammer may claim to be a soldier abroad needing money for a plane ticket to meet you.

3. Giveaway/Prize Scams

These scams promise free gifts like iPhones or cash prizes, but users are asked to pay a small fee or provide personal details. An example would be a post saying, “Congratulations! You've won a new iPhone! Pay ₹499 to claim your prize.” The prize, of course, never arrives.

4. Impersonation Scams

A scammer clones someone’s social media profile and reaches out to their friends or family, pretending to be in urgent need of money. For example, a cloned account might message you saying, "Hey, I’m stuck abroad and lost my wallet. Can you send ₹10,000 urgently?"

5. Job Offer Scams

Fake recruiters offer attractive jobs and ask for a small registration fee or personal information. For instance, a message might say, “We are hiring for part-time jobs. Earn ₹3,000/day. Register now by paying ₹250.” After the payment, the recruiter disappears.

6. Investment & Crypto Scams

These involve scammers promoting fake investment schemes with promises of high returns, often using fake influencers or testimonials. For example, a post might read, “I made ₹50,000 in one day with XYZ crypto platform. DM me to join!” Victims who invest end up losing their money.

Email Phishing

The effectiveness of email scams lies in their ability to mimic real communication. Scammers use authentic looking branding, professional layouts, and sender names to appear legitimate. Often, these emails warn about a compromised account, promise huge rewards, or ask for help with a seemingly urgent issue. In moments of panic or excitement, people may unknowingly share sensitive information or take actions that result in financial or data loss.

Here are a few types of email scams.

1. Advance Fee Fraud (Nigerian Prince Scam)

In this type of scam, the email typically claims the sender is a wealthy individual, often a foreign royal or government official, who needs help transferring a large sum of money. In return for your assistance, they promise a generous share. However, before the supposed funds are transferred, you are asked to pay a processing fee. Once paid, either more fees follow or the scammer disappears altogether.

2. Lottery or Prize Scams

These scams involve emails claiming you have won a large sum in a lottery, contest, or sweepstakes, even if you never participated. The message asks you to pay a fee for taxes, legal processing, or shipping before you can claim your prize. Alongside the request for money, scammers often seek personal details like your bank account or passport number, which can be used for identity theft.

3. Business Email Compromise (BEC)

BEC scams target professionals within companies by impersonating senior executives, clients, or vendors. The scammer might ask an employee to urgently wire money or send sensitive company data. These emails are often well researched, using insider terms or referencing real company activities, making them difficult to detect. Financial departments are frequent targets due to their access to payments and company accounts.

4. Tech Support Scams

These emails pretend to be from reputable tech companies such as Microsoft, claiming that your computer is infected with a virus or experiencing a critical error. You are prompted to call a helpline or download software to fix the issue. If you follow through, the scammer may ask for remote access to your computer, leading to theft of data, installation of malware, or demands for payment to restore access.

5. Charity or Donation Scams

Capitalizing on human empathy, these scams appear during natural disasters, pandemics, or crises. The emails ask for donations to help victims, claiming to be from a well known charity or a newly formed aid organization. The donation request includes bank account details or payment links. Once the money is sent, it is never used for the stated cause, and the contact becomes unreachable.

Online Shopping Traps

Online shopping traps refer to deceptive practices or fraudulent schemes that exploit online shoppers. Cyber criminals create fake e-commerce websites, fraudulent online ads, or scam offers to trick consumers into paying for goods and services that never materialize or are of poor quality. These scams can range from counterfeit products to phishing attacks and fake discounts. The goal is typically to steal personal or financial information, install malware on devices, or deceive individuals into making payments for non-existent products.

The success of online shopping scams lies in the convenience and the sheer volume of transactions taking place on e-commerce platforms. With the rapid growth of online shopping, more people are making purchases from various sources, including unknown websites or social media ads. Fraudsters know that many shoppers are often too focused on finding a good deal to fully verify the authenticity of a site or offer. Additionally, scammers capitalize on human psychology, offering irresistible deals that make it hard for consumers to resist, leading them to act impulsively.

Here are a few types of Online Shopping Traps.

1. Fake E-Commerce Websites 

Scammers create fake websites that look almost identical to popular and trusted online stores. These fraudulent sites often sell high-demand products, such as electronics, fashion items, or home goods, at prices far lower than their usual retail value. Consumers are lured into these deals with the promise of significant discounts. Once the payment is made, either no product is delivered, or a counterfeit, subpar version of the product arrives. The scammer may also steal credit card or banking details.

2. Phishing Ads on Social Media

Many scammers use social media platforms to run fake ads for products that seem too good to be true. These ads often promote items at a heavily discounted rate, with flashy images and urgent time-limited offers. Clicking on these ads redirects users to fraudulent websites designed to steal their personal and payment information. In some cases, these ads might ask for sensitive details, such as login credentials or payment information, disguised as a checkout process.

3. Fake Reviews and Rating Manipulation

Fraudulent online stores sometimes manufacture fake reviews or use fake ratings to create an illusion of legitimacy. These websites may showcase hundreds of glowing reviews from fake accounts, convincing shoppers that the site or product is trustworthy. Once the consumer makes a purchase, they realize that the product is substandard, or they may receive nothing at all. Some scammers even hire third-party services to boost reviews, making it even harder for consumers to distinguish between legitimate and fraudulent stores.

4. Subscription Traps

Some online shopping scams operate on a subscription-based model. These websites offer "free" or heavily discounted trial products, such as health supplements, beauty products, or tech gadgets. Shoppers may provide payment details for shipping, only to realize that they are automatically signed up for a recurring subscription without their knowledge. In many cases, customers are charged excessive amounts for products they never ordered or didn’t intend to buy, and cancelling these subscriptions can prove difficult.

Fake Service Providers

Fake service provider scams are a form of cyber crime where fraudsters impersonate legitimate service providers, such as internet companies, technical support, financial consultants, travel agencies, home repair services, or even government authorities to deceive people into paying for services that are either never delivered or completely fake. These scams exploit trust, urgency, and convenience to manipulate victims, often using phone calls, websites, social media ads, or email.

Here are a few common types of fake service provider scams.

1. Fake Tech Support Scams

One of the most prevalent types, these scams usually start with a pop-up warning or a phone call claiming that your computer has a virus. The fake technician then offers to "fix" the problem by taking remote access to your device. Under this guise, they may install malware, steal sensitive data, or ask for payment to continue the so-called service. Victims not only lose money but may also have their devices compromised.

2. Fake Loan or Credit Assistance Agencies

These scammers promise instant loans, credit repair, or low-interest rates and target individuals who are in urgent need of financial assistance. Victims are told that they must first pay a processing fee, insurance, or security deposit. Once the payment is made, the fraudster disappears, and no loan or service is ever delivered. Often, they also collect sensitive documents like Aadhaar, PAN, or bank statements, leading to identity theft.

3. Home Services Fraud

Cyber criminals often pose as electricians, plumbers, pest control experts, or appliance repair technicians. They advertise through social media or directories and take bookings with advance payments or inflated charges. In many cases, no one shows up for the job, or untrained individuals perform substandard work, causing further damage or loss. Some may even scout homes for future thefts or burglaries.

4. Travel Agent and Visa Consultant Scams

In these scams, victims are lured with attractive travel packages or promises of easy visa approval. Fake travel agencies ask for an initial deposit for booking tickets, hotels, or processing documents. After receiving payment, they become unreachable or send fake tickets and documents. These scams become particularly common during holiday seasons or periods of high visa demand.

5. Government Service Impersonators

Fraudsters may claim to be officials from the income tax department, electricity board, or police department and say there is an urgent issue like unpaid bills or legal notices. They pressure individuals into paying penalties immediately via UPI or other digital platforms to "avoid arrest" or "disconnection of service." Since these calls often use spoofed numbers that look real, even educated individuals can fall for them.

Mobile App Frauds

The process usually begins with users downloading an app that appears safe and useful often from unofficial app stores or through ads on social media. These apps may offer services like mobile banking, photo editing, gaming, job applications, or even health tracking. Once installed, the app might ask for excessive permissions, such as access to contacts, SMS, camera, or banking apps. These permissions allow the fraudster to gather personal data, intercept OTPs, or take control of the phone.

Here are a few types of mobile app frauds.

1. Fake Banking Apps

These apps mimic official apps of reputed banks. Once downloaded, they prompt users to log in using their customer ID, password, and even transaction PINs. The information is then sent to cyber criminals, allowing them to access real accounts and steal money. Some apps even display a fake balance or confirmation message to delay suspicion.

2. Loan App Scams

Fraudulent instant loan apps offer quick loans with no paperwork, appealing to users in urgent need of money. Once users download the app and submit ID proofs and selfies, the app disburses a small loan. But what follows is harassment. These apps access contacts and media, and if payments are delayed or declined, fraudsters begin to threaten, shame, or blackmail users by leaking personal data to friends and family.

3. Health and Fitness Apps

During the pandemic, many apps surfaced claiming to offer COVID-19 tracking, vaccination slots, or fitness regimes. Some of these were spyware in disguise. They either collected sensitive health data or used GPS tracking for unethical purposes, while others acted as ransomware, locking phones and demanding payment to unlock them.

4. Gaming and Entertainment Apps

Many fake gaming or movie streaming apps promise free access to premium games or movies. Users often need to register with email, phone number, or payment details. These apps may contain adware or malware, leading to unauthorized charges or data theft.

5. Job and Dating Apps

Fake job portal apps ask for resumes, Aadhaar numbers, and even money as registration or security deposits. In return, users receive no actual job leads. Similarly, dating app scams lure victims into emotionally manipulative conversations, leading to blackmail or financial exploitation.

The Way Forward

The war against cyber threats is far from lost, but winning it demands better-prepared soldiers and smarter defenses. Practicing good cyber hygiene must become as routine as brushing your teeth as an essential part of daily life. Fundamental practices like enabling two-factor authentication, checking for verified URLs, limiting app permissions, and creating strong, unique passwords are no longer optional; they are the bare minimum required for digital survival.

Institutions across the board, whether corporate offices, educational institutions, or government departments must take a proactive role in spreading cyber awareness. This responsibility extends beyond employees to their families as well, with regular workshops and training sessions to build a culture of vigilance. Additionally, systems for reporting cyber crimes must be simplified and accelerated, supported by advanced AI tools that can trace and respond to threats in real time.

The digital world has evolved into a complex jungle where cybercriminals no longer fit the stereotype of hoodie-clad hackers lurking in dark basements. Today, they operate in plain sight, often disguised by blue verification ticks or professional façades. In a world where nearly everything we do is connected to the internet, the most reliable firewall isn't software, it's our own awareness.