Online Bank Fraud? Here’s What the Law Says and What to Do Immediately

Do you suspect that you are the victim of Online Bank Fraud? Here’s What the Law Says and What to Do Immediately

Online banking fraud is one of the fastest-growing cybercrimes in India. Whether through UPI scams, phishing links, or OTP theft, thousands of victims lose money every day. The good news is — Indian law and RBI guidelines offer strong protections, but only if you act quickly.

Jump to:

• Common Types of Online Bank Fraud
• What to Do Immediately After the Fraud
• RBI Guidelines: When Are You Liable?
• Indian Laws That Apply
• How to File Complaints (Bank + Cyber Cell)
• What Evidence You Need
• FAQs on Bank Fraud in India
• Further Reading

Common Types of Online Bank Fraud in India

• Phishing: Fake emails/SMS pretending to be your bank
• UPI Scams: Asking to scan QR codes or “receive money”
• OTP Theft: Trick calls or messages asking for your OTP
• Fake Banking Apps: Malicious apps stealing your data
• SIM Swap Fraud: Criminals gain control of your phone number

What to Do Immediately After the Fraud

Time is critical. Here's what you must do in the first few hours:

1. Call your bank’s toll-free fraud helpline (often 24x7)
2. Inform your branch and request a freeze on further transactions
3. Change your internet/mobile banking password and PIN
4. File a complaint at cybercrime.gov.in
5. Save transaction ID, screenshots, SMS or call logs as proof

RBI Rules: Are You Liable or Protected?

The Reserve Bank of India (RBI) has clear rules on bank fraud liability:

• If the fraud occurred without your fault and you report it within 3 working days — the bank must refund your money in full.
• If you report it between 4 and 7 days, your liability is capped (₹5,000 to ₹25,000 depending on account type)
• After 7 days, you may be fully liable — unless the bank waives it

Refer to the official RBI notification for full details.

Indian Laws That Cover Bank Frauds

• Information Technology Act, Section 66C & 66D: Identity theft and cheating by impersonation
• IPC Section 420: Cheating and dishonestly inducing delivery of property
• IPC Section 406: Criminal breach of trust
• RBI Circulars: Legal obligation of banks to compensate timely reports

How to File Complaints (Bank + Cyber Cell)

To pursue recovery and legal action:

1. Step 1: File a written complaint with your bank and demand a ticket/acknowledgment
2. Step 2: File an online complaint at cybercrime.gov.in
3. Step 3: Visit your local cyber police station with documents
4. Step 4: Request FIR registration under relevant IPC/IT sections

See: How to File a Cybercrime Complaint in India

What Evidence Will Help Your Case?

Collect and preserve:

• Bank statement showing unauthorized transaction
• Transaction reference number/UTR
• Screenshots of messages/emails/calls
• Complaint acknowledgment from bank
• Police complaint number or FIR copy

FAQs: Bank Fraud in India

• Can I get my money back? Yes, if reported within RBI’s time frame
• What if I clicked a phishing link? Still report ASAP. Delay worsens liability
• Can I escalate if the bank refuses? Yes. File to RBI Ombudsman or consumer court
• Is legal help needed? Recommended for large fraud or unresponsive banks

Further Reading

• What Is Considered a Cybercrime in India?
• Sextortion and Honeytrap Scams
• Identity Theft in India

Back to Pillar Post: Cyber Law for the Everyday Indian