What are the legal procedures for reporting and investigating cybercrimes in India?

Introduction

With the rapid digitization of services, communication, and commerce in India, cybercrimes such as hacking, online fraud, data theft, identity impersonation, stalking, and phishing have become increasingly common. To combat these digital threats, India has established a structured legal and procedural framework for reporting and investigating cybercrimes. This framework is primarily governed by the Information Technology Act, 2000, and supplemented by provisions of the Indian Penal Code (IPC) and the functioning of specialized Cyber Crime Cells, CERT-In, and law enforcement agencies.

Reporting cybercrime promptly is crucial for both recovery and legal action. The government has introduced accessible complaint portals, specialized units, and standard investigation protocols to help individuals and organizations.

Who Can Report Cybercrime?

Anyone who is a victim of or witness to a cybercrime can file a complaint, including:

  • Individuals (citizens or residents) affected by online fraud, harassment, data theft, etc.

  • Organizations or companies facing cyberattacks or breaches

  • Parents or guardians on behalf of minors

  • Friends or colleagues on behalf of someone affected

There is no requirement for the complainant to be physically present in the city where the incident occurred, due to the territorial flexibility of cybercrime jurisdiction.

Where to Report Cybercrime in India?

There are two main channels for filing cybercrime complaints in India:

1. Online Reporting Portal – www.cybercrime.gov.in

  • Official portal launched by the Ministry of Home Affairs

  • Available for 24×7 reporting of cyber offenses, especially cybercrimes against women and children

  • Requires Aadhaar, email ID, and mobile number for registration

  • Allows uploading of evidence like screenshots, email headers, call recordings

Steps to file a complaint online:

  1. Visit www.cybercrime.gov.in

  2. Choose “Report Cybercrime” and select the appropriate category (e.g., online financial fraud, cyberstalking, etc.)

  3. Fill in required details such as complainant info, incident description, IP address, account numbers

  4. Attach supporting evidence (chats, emails, screenshots)

  5. Submit the form and receive a complaint reference number for tracking

2. Offline Reporting – Local Police Station or Cybercrime Cell

  • Every state and major city has a Cyber Crime Cell, often attached to the Crime Branch

  • Victims can visit the nearest police station (even if it is not a cyber cell)

  • Police are required to register the FIR (First Information Report) under relevant sections of the IT Act and IPC

If police refuse to register a complaint, the complainant can:

  • Approach the Superintendent of Police (SP)

  • File a complaint directly with the Magistrate

  • Approach the National Human Rights Commission or other legal bodies

Essential Documents to Submit When Filing a Complaint

The complainant should provide as much relevant detail as possible:

  • Written complaint explaining the incident clearly

  • Screenshots of messages, emails, websites, or fake profiles

  • Email headers (for email-related crimes)

  • URL or website links involved

  • Copies of fraudulent transactions (bank statements, UPI IDs)

  • Identity proof (Aadhaar, PAN, passport)

  • Any device involved (mobile, laptop) if asked for forensic examination

Key Cyber Crime Units in India

  • Cyber Crime Cells: Specialized units in all major cities (Delhi, Mumbai, Bengaluru, Hyderabad, etc.)

  • Central Bureau of Investigation (CBI): Handles complex or interstate cyber cases

  • Indian Computer Emergency Response Team (CERT-In): Handles large-scale incidents, data breaches, and threat alerts

  • National Cyber Crime Reporting Portal (NCRP): Administers www.cybercrime.gov.in and escalates complaints to local law enforcement

Types of Cybercrimes That Can Be Reported

  • Financial fraud (UPI scams, credit card fraud, fake apps)

  • Hacking or unauthorized system access

  • Phishing emails and impersonation

  • Cyberstalking or cyberbullying

  • Data theft and identity theft

  • Publishing obscene content online

  • Ransomware or malware attacks

  • Fake social media profiles

  • Online defamation or blackmail

Investigation Process of Cybercrime in India

Once a complaint is filed, the police or cyber cell initiates the investigation in the following steps:

1. Registration of FIR (If Cognizable Offense)

  • Cybercrimes like hacking, identity theft, or fraud are cognizable offenses

  • FIR is registered under applicable sections of the IT Act and IPC

2. Forensic Examination and Evidence Collection

  • Investigators may seize electronic devices involved (laptop, mobile, hard disk)

  • Analysis is conducted using cyber forensic tools

  • Email trails, IP addresses, logs, call records, and transaction IDs are examined

3. Tracking the IP Address and Digital Footprints

  • Investigators identify the source of attack using IP tracking

  • They collaborate with internet service providers, telecom companies, and hosting platforms to trace culprits

4. Contacting Financial Institutions (If Needed)

  • In case of online banking fraud, police alert banks and payment apps to freeze transactions

  • Victims may be asked to contact their bank’s grievance cell and file chargeback requests

5. Coordination With National or International Agencies

  • If the crime involves cross-border elements (foreign IPs, accounts), Interpol or foreign cyber cells may be contacted

  • CERT-In may be involved in assessing infrastructure-level attacks or breaches

6. Arrest and Charge Sheet

  • Once identity is confirmed and evidence is gathered, police arrest the accused and present them before a Magistrate

  • Charge sheet is filed in the competent court for trial

7. Judicial Proceedings and Prosecution

  • The trial follows the Indian Evidence Act and CrPC procedures

  • Cyber experts may be called as witnesses

  • Court gives judgment and decides penalties (imprisonment, fine, or both) based on the offense

Important Laws Used in Cybercrime Investigation

  • Information Technology Act, 2000: Sections 43, 65, 66, 66C, 66D, 66F, 67

  • Indian Penal Code (IPC): Sections 419 (cheating), 420 (fraud), 465 (forgery), 468 (identity forgery), 471 (fake documents), 509 (outraging modesty of woman), 354D (stalking)

  • Evidence Act, 1872: For accepting electronic evidence

  • CrPC (Criminal Procedure Code): Governs arrest, search, seizure, and trial

Time Frame for Investigation

According to legal guidelines:

  • Investigations must be completed within 90 days to 180 days for most cybercrimes

  • In case of serious offenses like cyberterrorism, extended timelines may apply

Cybercrime Helpline Numbers and Portals

  • National Cybercrime Helpline: 1930 (for immediate help in online frauds)

  • National Portal: www.cybercrime.gov.in

  • CERT-In Website: www.cert-in.org.in

  • Cyber Safe Mobile App: Available in some states like Maharashtra and Telangana

Tips for Victims Before and After Reporting

  • Do not delete or alter any evidence (screenshots, chats, emails)

  • Inform your bank immediately if money is involved

  • Change passwords for all affected accounts

  • Avoid responding further to cybercriminals

  • Cooperate fully with police during the investigation

  • Follow up with cyber cell regularly using your complaint reference number

Conclusion

India has a robust and evolving legal framework to report and investigate cybercrimes through a combination of digital portals, specialized cyber cells, and clear procedures under the IT Act and IPC. With the increasing reach of cyber offenses, it is vital for every citizen and business to understand how to file a complaint, what documents are needed, and how investigations proceed. Swift reporting, timely evidence submission, and awareness of legal rights play a crucial role in holding cybercriminals accountable and ensuring digital safety.

Priya Mehta

Posts