Answer By law4u team
Phishing is a type of cyber fraud where a person is tricked into sharing sensitive information like passwords, OTPs, bank details, or login credentials by pretending to be a trusted source such as a bank, government office, or company. It is usually done through: Fake emails that look like official bank messages Fake SMS or WhatsApp messages with malicious links Fake websites that copy real banking or service portals Phone calls pretending to be customer care or government officials Once the victim enters their details, the attacker uses them for money theft, identity fraud, or account takeover. Yes, phishing is illegal in India. It is punishable under several laws, mainly the Information Technology Act, 2000 and criminal law provisions under the Bharatiya Nyaya Sanhita, 2023. Legal consequences include: Under IT Act, 2000: Section 66C – Identity theft (using someone’s password, digital signature, or unique ID fraudulently) Section 66D – Cheating by personation using computer resources (this directly covers phishing scams) Section 43 – Unauthorised access or damage to computer systems (civil compensation liability) Section 66 – Computer-related offences (general hacking and fraud activities) Under Bharatiya Nyaya Sanhita, 2023: Cheating and dishonestly inducing delivery of property Criminal breach of trust and fraud Forgery and use of forged electronic records Punishment can include: Imprisonment (which can extend up to several years depending on severity) Heavy fines Recovery of stolen money through investigation and freezing of accounts In summary: Phishing is a cybercrime in India, treated as cheating and identity fraud, and is punishable with imprisonment and fines under both cyber laws and criminal law.