The Unseen Victims of India’s Cyber War, When Fraud Investigations Freeze Innocent Livelihoods

The Unseen Victims of India’s Cyber War, When Fraud Investigations Freeze Innocent Livelihoods

In the shadows of India’s digital boom, a new kind of “cottage industry” has emerged—one that doesn’t manufacture goods, but systematically manufactures deception. While the Netflix series Jamtara – Sabka Number Aayega brought the gritty reality of rural phishing hubs into our living rooms, it was merely the opening chapter of a much larger, more dangerous story. Today, India faces a dual challenge: it is the fastest-growing digital payments economy in the world and, simultaneously, one of the most targeted nations for cyber-syndicates. The latest figures from the Ministry of Home Affairs and the Indian Cyber Crime Coordination Centre (I4C) paint a staggering picture: India clocked a record 2.8 million cybercrime complaints in 2025, a 24 per cent increase from the number reported in 2024. While aggressive real-time intervention saved over ₹8,000 crore, the total financial drain remained massive. Indians lost approximately ₹22,495 crore to digital criminals—a staggering 0.7 per cent of the national GDP.

Yet, alongside this epidemic of digital fraud, an unintended secondary crisis has surfaced: administrative overreach through widespread, indiscriminate debit-freezing of bank accounts. In the urgent effort to trace and recover stolen funds, law-enforcement agencies—primarily the Cyber Crime Cell—have increasingly relied on account freezes as a primary investigative tool. These actions are frequently proving to be disproportionate to the suspected crime. The result is a new class of victims: small businesses, push-cart vendors, salaried professionals, and ordinary citizens whose only crime was to receive a suspiciously small credit—sometimes as little as ₹20—into their bank accounts. Their accounts are frozen, their livelihoods disrupted, and their access to justice obstructed by a slow, physical, document-heavy process that seems designed for a pre-digital era. This is the unfortunate fallout of cybercrime investigations, and it demands urgent attention.

The Scale of the Crisis: 2.8 Million Complaints and Counting

The numbers are staggering. In 2025 alone, India recorded 2.8 million cybercrime complaints—a 24 per cent increase from the previous year. This is not a marginal uptick; it is a tsunami. Behind each complaint is a victim: a retired schoolteacher whose life savings vanished after a phishing call, a small business owner whose supplier payments were rerouted, a student who lost tuition fees to a fake investment scheme, a homemaker who clicked one wrong link and watched her bank account drain.

The government’s response has been aggressive and, in many ways, commendable. The Citizen Financial Cyber Fraud Reporting and Management System has enabled real-time intervention, saving over ₹8,000 crore that would otherwise have been lost. The Department of Telecommunications (DoT) and the Telecom Regulatory Authority of India (TRAI) have terminated over 3 crore fraudulent mobile connections—a clear sign that the industrialisation of fraud is being met with industrial-scale countermeasures.

But the numbers also reveal the limits of this approach. Despite saving ₹8,000 crore, Indians still lost approximately ₹22,495 crore to digital criminals—a sum equivalent to 0.7 per cent of the national GDP. To put this in perspective, this is more than the combined budgets of several state governments for education or health. It is money that has left the Indian economy, enriching criminal syndicates operating from within the country and across borders. And in the frantic effort to trace and recover these funds, law enforcement has adopted a tool that is now causing a secondary crisis of its own.

The Freeze Factor: When Investigation Becomes Punishment

The primary investigative tool in cybercrime cases has become the debit freeze—a mechanism that allows law enforcement to freeze bank accounts suspected of being involved in fraudulent transactions. The logic is straightforward: when a victim transfers money to a fraudster’s account, that money often moves quickly through a chain of “mule accounts”—layered transactions designed to obscure the ultimate destination. By freezing accounts at each layer, authorities hope to preserve the stolen funds and identify the perpetrators.

In practice, however, this tool is being applied with what critics call “administrative overreach.” Data from early 2026 indicates that while 28.15 lakh cybercrime complaints were registered last year, the resulting “blanket freezes” have trapped an estimated ₹12,000 crore belonging to innocent parties. This is not money stolen by fraudsters; it is money belonging to small businesses, traders, and individuals who have had the misfortune of receiving a suspicious credit—often without any knowledge of its fraudulent origin.

Consider the following scenarios, drawn from real cases: A small trader receives a payment of ₹100 from a new customer. That payment, unbeknownst to the trader, originates from a fraudulently obtained account. The trader’s entire operational account—containing lakhs of rupees of legitimate funds—is frozen. A push-cart vendor in a Tier-2 city receives a ₹20 credit from a customer using a digital wallet. That ₹20 is traced back to a fraudulent transaction. The vendor’s account is frozen. A salaried professional receives a small reimbursement from a colleague whose account has been compromised. That professional’s salary account is frozen, leaving them unable to pay rent, school fees, or medical bills.

For India’s 6.4 crore MSMEs, the impact is devastating. A single suspicious credit of ₹100 can result in the total freezing of an operational account. These businesses operate on thin margins and tight cash flows. The loss of access to working capital for even a few weeks can be catastrophic. When unfreezing timelines stretch from four to seven months, businesses lose access to capital during critical operating cycles, leading to stalled trade, missed payments, and, in some cases, permanent closure.

The Constitutional Violation: Right to Trade and Livelihood

This financial paralysis for small traders and salaried professionals is not merely an administrative inconvenience; it is a violation of the fundamental right to trade and livelihood guaranteed under the Constitution. Article 19(1)(g) guarantees the right to practice any profession, or to carry on any occupation, trade or business. While this right is not absolute and can be restricted by reasonable state action, the restrictions must be proportionate and must follow due process of law.

The blanket freezing of bank accounts—without notice, without a hearing, and without any assessment of the account holder’s complicity in the alleged fraud—fails this test of proportionality. A trader who receives a ₹100 payment from a customer is not a criminal. A vendor who receives a ₹20 credit is not a money launderer. Yet, they are treated as if they are. Their accounts are frozen. Their livelihoods are disrupted. And their access to justice is blocked by a system that seems designed to protect the state’s convenience, not the citizen’s rights.

Judicial scrutiny has increasingly emphasised this point. Courts have repeatedly held that blanket or indefinite freezing without proper judicial authorisation raises serious concerns of proportionality. The Supreme Court has observed that the power to freeze accounts must be exercised with caution, and that authorities must distinguish between the accounts of actual fraudsters and those of innocent parties whose only connection to the crime is a single, small, unsolicited transaction.

The Justice Cost: When Restoration is Slower Than Theft

Despite cybercrime being digital, the process of restoring frozen bank accounts remains largely physical, slow, and document-heavy. A small trader or salaried individual whose account is frozen by a cybercrime unit located in another state or region often faces what can only be described as a “justice cost.” They must travel to the jurisdiction where the complaint was filed, submit physical documents, engage legal assistance, and wait for weeks or months for a resolution. The geographical and procedural disconnect has become the true “pinch point” for ordinary Indians.

The data is telling: over 2.6 million “Layer 1” suspected mule accounts have been flagged by authorities as they attempt to track layered fraud transactions. Each of these flagged accounts represents a potential case of collateral damage—an innocent account holder caught in the dragnet. The unfreezing process is so slow that many victims simply give up, abandoning the funds in their frozen accounts as a lost cause. This is not justice; it is a form of administrative attrition.

The Way Forward: Proportionality, Technology, and Awareness

Addressing the growing menace of digital fraud requires a coordinated response involving individuals, financial institutions, technology platforms, enforcement authorities, and sectoral regulators. But that response must also protect the innocent from collateral damage. Several reforms are urgently needed:

1. Proportionality in Account Freezing: Law enforcement agencies must adopt a graduated approach to account freezing. Instead of blanket freezes, they should freeze only the amount suspected to be fraudulent, leaving the rest of the account accessible to the account holder. They should also distinguish between “mule accounts” (which may be knowingly or unknowingly involved in fraud) and “victim accounts” (which have received a single, small, unsolicited credit). The latter should be unfrozen immediately upon verification of the account holder’s identity and lack of complicity.

2. Judicial Oversight: Account freezes should require judicial authorisation, not merely administrative action. A magistrate should review the grounds for freezing and assess the proportionality of the action. This would provide a check against overreach and ensure that the rights of innocent account holders are protected.

3. Digital Unfreezing Process: The process for restoring frozen accounts must be digitised. Account holders should be able to submit documents, verify their identity, and contest the freeze online, without having to travel to another jurisdiction. A centralised portal, linked to the I4C, should enable seamless communication between victims, banks, and law enforcement.

4. Time Limits: Parliament should amend the relevant laws to impose strict time limits on account freezes. If authorities cannot file a chargesheet or produce evidence of complicity within, say, 30 days, the freeze should automatically lift. This would prevent indefinite freezes and force authorities to act swiftly.

5. Compensation for Wrongful Freezes: Innocent account holders whose accounts are wrongfully frozen should be entitled to compensation for the financial losses they suffer. This would create a deterrent against casual or disproportionate freezing and provide a remedy for victims of administrative overreach.

6. Strengthening Digital Literacy: Prevention is better than cure. Strengthening digital literacy must become the first line of defence. Nationwide financial awareness campaigns, particularly in Tier-2 and rural regions, should accompany India’s digital expansion. Citizens must learn to recognise phishing attempts, verify calls from “bank officials,” and never share sensitive information.

7. AI-Driven Fraud Detection: Banks and fintech companies must accelerate the adoption of AI-driven fraud detection systems, behavioural analytics, and real-time transaction monitoring to identify suspicious activities before financial losses occur. Early detection reduces the need for aggressive post-fraud measures like account freezing.

Conclusion: Safeguarding India’s Digital Future

India’s digital payments revolution is one of the great success stories of the modern economy. It has brought millions into the formal financial system, reduced transaction costs, and enabled new forms of commerce. But this revolution is now threatened by two interconnected crises: the epidemic of cyber fraud and the administrative overreach in responding to it.

The fraudsters must be caught. The stolen money must be recovered. But not at the cost of destroying the livelihoods of innocent citizens. A small trader whose account is frozen over a ₹100 suspicious credit is not a criminal; he is a victim. A push-cart vendor whose ₹20 payment leads to a frozen account is not a money launderer; she is a hardworking citizen trying to earn an honest living.

Safeguarding India’s digital future will depend not only on technological safeguards but on building a culture of digital responsibility where innovation is matched with trust, awareness, and resilience. It will depend on a legal and administrative framework that is as agile and fair as the digital economy it seeks to regulate. The unfortunate fallout of cybercrime investigations can be addressed. But it requires political will, judicial oversight, and a commitment to proportionality. The victims of fraud deserve justice. But so do the victims of administrative overreach. India must deliver both.

Q&A: Cybercrime Investigations and Account Freezes in India

Q1: What is the scale of cybercrime in India, according to the latest data?

A1: India recorded a record 2.8 million cybercrime complaints in 2025, a 24 per cent increase from 2024. Despite aggressive real-time intervention saving over ₹8,000 crore, Indians still lost approximately ₹22,495 crore to digital criminals—a staggering 0.7 per cent of the national GDP. The Department of Telecommunications and TRAI have terminated over 3 crore fraudulent mobile connections, evidencing the “industrialisation of fraud.” Cyber fraud today is less about sophisticated hacking and more about psychological manipulation, with fraudsters impersonating bank officials, investment advisers, police, and even the judiciary to trick individuals into sharing sensitive financial information.

Q2: What is the “unintended secondary crisis” described in the article, and how does it affect innocent citizens?

A2: The secondary crisis is administrative overreach through widespread, indiscriminate debit-freezing of bank accounts. In the urgent effort to trace and recover stolen funds, law enforcement agencies have increasingly relied on account freezes as a primary investigative tool. These actions are frequently disproportionate to the suspected crime. Data indicates that while 28.15 lakh cybercrime complaints were registered last year, the resulting “blanket freezes” have trapped an estimated ₹12,000 crore belonging to innocent parties. A single suspicious credit of ₹100 can result in the total freezing of an operational account for a small business. Even a ₹20 credit to an unsuspecting push-cart vendor can lead to a debit freeze. Unfreezing timelines stretch from four to seven months, causing permanent financial distress for India’s 6.4 crore MSMEs.

Q3: Why does the article argue that blanket account freezes violate constitutional rights?

A3: The article argues that blanket freezes violate the fundamental right to trade and livelihood guaranteed under Article 19(1)(g) of the Constitution, which guarantees the right to practice any profession or carry on any occupation, trade, or business. While this right is not absolute and can be restricted by reasonable state action, restrictions must be proportionate and must follow due process of law. Blanket freezes—without notice, without a hearing, and without any assessment of the account holder’s complicity in the alleged fraud—fail this test. A trader who receives a ₹100 payment from a customer is not a criminal. Yet they are treated as if they are. Judicial scrutiny has repeatedly emphasised that blanket or indefinite freezing without proper judicial authorisation raises serious concerns of proportionality.

Q4: What is the “justice cost” faced by ordinary citizens whose accounts are frozen?

A4: The “justice cost” refers to the geographical and procedural disconnect that makes account restoration extremely difficult for ordinary citizens. Despite cybercrime being digital, the process of restoring frozen bank accounts remains largely physical, slow, and document-heavy. A small trader or salaried individual whose account is frozen by a cybercrime unit located in another state or region must: travel to that jurisdiction, submit physical documents, engage legal assistance, and wait for weeks or months for a resolution. Over 2.6 million “Layer 1” suspected mule accounts have been flagged, and many innocent account holders simply give up on recovering their funds. The article describes this as a form of “administrative attrition” where the process of justice is so burdensome that victims abandon their claims.

Q5: What reforms does the article recommend to address the crisis of disproportionate account freezes?

A5: The article recommends seven urgent reforms:

1. Proportionality in freezing: Adopt a graduated approach—freeze only the suspected fraudulent amount, not the entire account. Distinguish between “mule accounts” and “victim accounts.”

2. Judicial oversight: Require judicial authorisation (magistrate approval) for account freezes, not merely administrative action.

3. Digital unfreezing process: Create a centralised online portal for document submission, identity verification, and dispute resolution, eliminating the need for travel.

4. Time limits: Impose strict time limits (e.g., 30 days) on account freezes; if authorities cannot file a chargesheet within that period, the freeze should automatically lift.

5. Compensation for wrongful freezes: Provide compensation to innocent account holders whose accounts are wrongfully frozen, creating a deterrent against casual freezing.

6. Strengthen digital literacy: Nationwide financial awareness campaigns, particularly in Tier-2 and rural regions, to help citizens recognise phishing attempts.

7. AI-driven fraud detection: Banks and fintech companies must accelerate adoption of AI-based behavioural analytics and real-time monitoring to identify suspicious activities before losses occur, reducing the need for aggressive post-fraud measures.