This Article is written by Edleen T. Makiwa of Marwadi University, an intern under Legal Vidhiya
ABSTRACT
The use of online banking has become prevalent across the globe and the same has been adopted in the Indian banking system. It has come with a variety of advantages, such as making it easy and flexible for users to access and control their bank accounts remotely without challenges. It has also reduced the necessity of going to the banks physically and having to stand in queues for long hours waiting for service. Nowadays, consumers just access their accounts from mobile bank applications and websites, and they can also get information about any updates in their bank accounts and the banking systems online. However, such a great milestone in the banking sector does not come without challenges. As technology advances, so do cybercrimes. Online banking is often accompanied by fraud. Online banking fraud refers to the intentionally deceptive acts of omission or commission to cause wrongful loss and wrongful gain. This often results in financial losses to the victim. The Information Technology Act of 2000 and the Reserve Bank of India Guidelines govern online banking in India. They play a crucial role in curbing online banking fraud and punishing offenders. However, even with the aforementioned laws in place, online banking fraudsters continue to up their game and develop their skills. It is high time the law evolved and caught up with technological developments. This article addresses the legal issues in online banking fraud and prevention mechanisms.
KEYWORDS
Online Banking Fraud, Cybercrimes, Fraud Prevention, Data Breach, Legal Liability, Digital Banking Security, Cyber Hygiene.
INTRODUCTION
Technological advancements across the globe have necessitated the use of online banking. This has resulted in flexible transactions where users can access and manage their bank accounts remotely from anywhere in the world. Online banking has transformed the banking system in India, making banking transactions easier and hassle-free. However, online banking in India is not only a blessing but a curse as well, with the majority of people being subjected to online banking fraud. These online banking frauds may include phishing scams, hacking, and identity theft, among others. There are various legal issues in online banking fraud, which include the borderless nature of the crime, ambiguity in liability, lack of rigorous punishment for offenders, lack of awareness among the users of online banking, evolving tactics from hackers, and a shortage of cyber forensics infrastructure. The legal framework in India governing online banking, which includes the Information Technology Act of 2000 and the Reserve Bank of India Guidelines, has been instrumental in responding to online banking fraud. This article aims to define what online banking fraud is, identify the legal issues associated with it, along with providing prevention mechanisms to help curb online banking fraud.
WHAT IS ONLINE BANKING FRAUD?
Online Banking is the conducting of banking transactions like managing bank accounts and conducting financial transactions via the internet using electronic devices such as computers, laptops, mobile devices, etc. It has become globally prevalent with the advent of digital technology. The intentional dishonest act of omission or commission resulting in wrongful loss to one party and wrongful gain to the perpetrator can simply be referred to as fraud. According to the Reserve Bank of India fraud is “the deliberate act of omission or commission by any person, carried out in the course of a banking transaction or books of accounts maintained manually or under computer system in banks, resulting into wrongful gain to any person for a temporary period or otherwise, with or without any monetary loss to the bank.”[1] Therefore, online banking fraud results from intentionally deceptive transactions conducted online, thereby causing a wrongful loss to any person and a wrongful gain to the fraudster. It may be done by the bank itself or its employees, or by the consumers, or by other third parties. Online banking fraud comes in a variety of forms.
FORMS OF ONLINE BANKING FRAUD
- Phishing Scams
Phishing scams refer to the fraudulent method used by cybercriminals to get sensitive information by pretending to be trustworthy entities through electronic communication. In this case, the fraudster may pose as a legitimate bank or financial institution, requesting personal information like usernames, passwords, credit card or debit card numbers, or financial information that they use for their malicious activities. This is done through emails, text messages, or even phone calls, and they are designed in such a way that the victim cannot tell that it is fake.
- Identity Theft
Identity theft occurs when a fraudster maliciously obtains one’s personal information, such as bank account details, credit or debit card information, etc., to impersonate the owner of that personal information and conduct fraudulent activities like unauthorized access to one’s bank account and obtaining loans and/or credits in the name of the victim.
- Hacking
Hacking is the unauthorized access to one’s bank account or the online banking system of an entity. By so doing, the hackers can gain control of the account or the online banking system, and they can steal sensitive information or money. The hackers exploit loopholes or vulnerabilities in online banking systems to their advantage.
- Impersonation of Banks.
Fraudsters have graduated from just impersonating bank users to impersonating the banks themselves. This is done by creating fake websites that look like legitimate bank websites to deceive users into sharing sensitive information, making certain payments, or doing money transfers. These fraudsters may also make use of phone calls, texts, or emails pretending to be bank representatives in order to defraud consumers.
LEGAL ISSUES ASSOCIATED WITH ONLINE BANKING FRAUDS
Bank fraud falls into the categories that travel far ahead of personal or private wrong; it is a social wrong and has an immense social impact.[2] Therefore, there are different legal issues in online banking fraud, starting with the borderless nature of online banking fraud. Online banking fraud often spans across geographical and jurisdictional boundaries, thus making it difficult for the Indian law enforcement to track and prosecute them. Online banking fraud can be committed from anywhere in the world, depending on the discretion of the fraudster and their skills. This, therefore, complicates investigations and prosecution. For instance, A, a skilled cybercriminal specializing in online banking fraud using the method of phishing scams while residing in the United Kingdom, defrauds B, who resides in India. Because of the geographical boundaries and A’s fraud skills, it may not be easy for the Indian law enforcement agencies to trace the fraudulent activities to A. It would also be challenging to prosecute A even if he is found, due to jurisdictional boundaries. Hence, the borderless nature of this crime becomes a challenge to track and prosecute fraudsters.
In addition, with the rapid growth in technological advancements, the fraudsters continuously update their skills and become geniuses by day. Al Pacino’s famous words, “Our ability to manufacture fraud now exceeds our ability to detect it,” point right to the current situation where the legal and technological systems in place to catch fraudsters are way behind the evolving tactics of the fraudsters. The law is failing to keep up with the fraudsters; as such, a variety of online banking frauds go unnoticed or even unpunished due to the failure to identify the fraudsters. The Indian legal system also suffers from adequate cyber-forensics infrastructure required to trace cyber-attacks like online banking fraud. This poses a challenge, resulting in unsolved and rampant online banking fraud.
Furthermore, another issue is the lack of awareness and knowledge of online banking fraud among users, which creates fertile ground for fraudsters. Consumers lack knowledge of the tactics used by fraudsters, because of this they fall prey to the attacks by fraudsters who exploit illiteracy among the general public. As John Andreas Widtsoe famously stated, “Fraud and deceit are anxious for money, be informed and prudent”. It is important for consumers as well as banks to be aware of the tricks used by fraudsters in online banking fraud.
Moreover, the ambiguity in liability with respect to who, between the bank and the consumer, should be held liable for the losses resulting from online banking fraud has led to various legal disputes between banks and their consumers. A lot of time is wasted in courts determining liability, instead of curbing the attacks. Courts have held banks liable for failing to have a secure system free from cyber-attacks. This is so because when consumers choose a certain bank for their transactions, they do so with the trust that their information is secure as well as their money. Thus, in cases where there is a breach in the online banking system of a bank or other financial institution, the bank or financial institution is liable. In Tony Enterprises & Ors. v. Reserve Bank of India & Ors., in which the petitioners relied on a circular issued by the RBI protecting consumers from unauthorized e-banking transactions, it was held that the bank has the responsibility to protect the interests of the consumers in all circumstances.[3]
Another issue is the delay in reporting by victims of online banking fraud. This delay may happen due to failure by victims to realize that they have been defrauded, especially in cases where fraud has been committed through fake bank websites meaning that the victims may not notice that it is fake until it is too late. The delay may also happen due to lack of awareness on online banking fraud. It may also be due to fear. Therefore, whatever may be the reason for the delay, a delay in reporting affects investigation and recovery of funds because in this era, the fraudsters have become so clever that they cover their tracks. Thus, if victims delay in reporting the fraud and letting the law take its course, the perpetrators may never be found, or it may be too late to recover the money by the time they are found. It is imperative for the victims of online banking fraud to come forward immediately after being defrauded or as soon as they notice that fraud is about to take place in order to reduce the effects and catch the offenders at the earliest.
PREVENTION MECHANISMS FOR ONLINE BANKING FRAUD
No matter how serious a problem is, it always has a solution. The laws of the nation are neither ignorant nor oblivious to online banking frauds taking place across India. Therefore, some prevention mechanisms for online banking fraud include amending our current laws, such as the Information Technology Act of 2000, to address the evolving fraudulent tactics used by fraudsters. In addition to this, banks or any other financial institutions must mandatorily and strictly follow the regulatory guidelines set by the Reserve Bank of India, with a strict penalty for non-compliance.
With the rapid growth in technology, banks must invest in robust and the latest software and infrastructure that is able to detect potential threats and thwart them before they occupy the online banking system. They should also conduct internal cyber audits to ensure that there are no insider fraudulent activities on online banking.
Furthermore, as noted above, in disputes regarding liability in cases of online banking fraud, more often than not, the courts hold banks responsible because they must have adequate safeguards. Therefore, banks must exercise due diligence when obtaining online banking verification products or services from third-party providers to ensure that they are real and not fraudulent. On verification of registered users, banks should make use of biometric verification on their mobile applications or websites. Thus, any deviation will be flagged and traced to check whether it’s an attempt to commit online banking fraud.
Online banking transaction data and customers’ personal information are vulnerable to fraud. Fraudsters constantly update their skills and their systems, thus making it easier for them to hack into people’s bank accounts or even the banks’ systems. Therefore, banks need to use the end-to-end encryption method, which protects sensitive banking data during transmission or at rest to prevent even the most skilled fraudsters from breaking into the banking system.
Banks in India and regulatory bodies must conduct educational and awareness campaigns to educate consumers, along with staff members, about the current tricks used by online banking fraudsters, the risks involved, how to avoid online banking fraud, and what to do when they recognize attempts or the possibility of being defrauded. The banks and regulatory bodies must also advise consumers to report any suspicious activities immediately instead of delaying.
Last but not least, consumers must refrain from using public Wi-Fi for their online banking transactions. They must also refrain from logging into unknown websites or clicking random links online.
CONCLUSION
In conclusion, online banking offers a convenient, efficient, and user-friendly way to manage finances with greater freedom and ease. However, it is undeniable that online banking remains vulnerable to fraudulent activities. it goes without saying that it is prone to fraud. Online banking fraud results in financial losses for the victims. It takes various forms like phishing, impersonation of banks, identity theft, hacking, etc. Legal issues in online banking fraud include liability ambiguities, among others. As we have seen above, online banking fraud is a social injustice that should be stopped. Therefore, prevention mechanisms include awareness campaigns, strict regulatory compliance by banks, adaptation to technological advancements to help detect fraud before it affects the system, etc. It is important that we all stay vigilant and fight against online banking fraud, from the legal sector down to society, we must all fight against this evil.
REFERENCES
- Nidhi Bajaj, Financial Frauds in India: All You Need to Know, iPleaders (July 06, 2025, 9:34 PM), https://blog.ipleaders.in/financial-frauds-in-india-all-you-need-to-know/.
- State of Maharashtra v. Vikram Anatrai Doshi, 2014 INSC 655, manupatrafast.com/citation/citation.aspx?manu=MANU/SC/0842/2014.
- Tony Enterprises & Ors. v. Reserve Bank of India & Ors., 2019 KER 60412, https://www.manupatrafast.com/citation/citation.aspx?manu=MANU/KE/4164/2019
[1] Nidhi Bajaj, Financial Frauds in India: All You Need to Know, iPleaders (July 06, 2025, 9:34 PM), https://blog.ipleaders.in/financial-frauds-in-india-all-you-need-to-know/.
[2] State of Maharashtra v. Vikram Anantrai Doshi, 2014 INSC 655.
[3] Tony Enterprises & Ors. v. Reserve Bank of India & Ors., 2019 KER 60412.
Disclaimer: The materials provided herein are intended solely for informational purposes. Accessing or using the site or the materials does not establish an attorney-client relationship. The information presented on this site is not to be construed as legal or professional advice, and it should not be relied upon for such purposes or used as a substitute for advice from a licensed attorney in your state. Additionally, the viewpoint presented by the author is personal.
