SRINAGAR: India has lost over Rs 3,500 crore to cyber frauds in the last five financial years, even as banks and enforcement systems managed to recover or save Rs 238.83 crore for victims, according to data placed before the Lok Sabha in response to a question by June Maliah. The Government said the rise in digital payments has been accompanied by a steady increase in financial cybercrime, with more than 5.83 lakh digital-payment fraud cases reported between 2021–22 and September 2025.
The data, provided by the Reserve Bank of India to the Ministry of Finance, shows that credit-card frauds accounted for the largest chunk of losses, with Rs 1,447.27 crore involved in 2.43 lakh cases, followed closely by internet-banking frauds involving Rs 1,730.14 crore across 2.42 lakh cases. Debit and ATM card frauds accounted for another Rs 401.17 crore. Together, these three categories formed the overwhelming majority of digital-payment crimes recorded by banks and financial institutions. The Government said recoveries remained modest compared with losses, with credit-card frauds accounting for Rs 177.78 crore of the total amount recovered or saved, while internet-banking cases saw only Rs 24.83 crore retrieved.
Frauds through Unified Payments Interface were relatively small in value but continued to rise in frequency, while wallet and prepaid-card frauds were negligible in both amount and volume. Aadhaar-linked transactions, including Aadhaar Enabled Payment System misuse, led to 1,346 cases involving Rs 1.06 crore, of which Rs 0.76 crore was recovered. The Government said that until 2024, AePS frauds were reported under the broader category of internet banking, but from November 2024 onwards they have been separated and classified under digital payments.
Responding to concerns about the safety of Aadhaar-linked financial systems, the Government said the Aadhaar Enabled Payment System does not itself expose an individual’s sensitive information, but frauds typically exploit social engineering, biometric cloning, unauthorised device access or vulnerabilities in local enrolment and authentication practices. The Ministry of Finance said the Reserve Bank of India, National Payments Corporation of India and banks have issued multiple advisories to strengthen transaction monitoring, biometric security, multi-factor authentication and customer-awareness programmes.
The Government told the House that the surge in digital payments has also expanded the attack surface for cybercriminals, prompting new guidelines on reporting frauds, escalating authentication failures and improving coordination between banks, the NPCI and law-enforcement agencies. It said financial institutions are now required to put in place systems for early detection of suspicious activity, quicker freezing of fraudulent transfers and faster return of funds where possible, alongside large-scale public campaigns to warn users about phishing, remote-access scams and biometric misuse.
