The 1930 helpline, cybercrime.gov.in walkthrough, the IT Act and Bharatiya Nyaya Sanhita sections that apply to your case, the RBI Ombudsman path, the Section 46 Adjudicating Officer route for claims up to ₹5 crore, and the evidence checklist that gets a complaint taken seriously.
Published 12 May 2026 · ScamSupport research · ~13 minute read
If you've just been defrauded online in India, the next 24 hours determine most of what's recoverable. The Indian system has more recovery infrastructure than most people realise — the 1930 helpline coordinates directly with 85+ banks, payment gateways, RBI and NPCI to attempt fund freezes within minutes; the National Cyber Crime Reporting Portal at cybercrime.gov.in feeds investigations across states; the Information Technology Act and the Bharatiya Nyaya Sanhita 2023 between them cover almost every variety of online fraud; and Section 46 of the IT Act gives an Adjudicating Officer the power to award compensation up to ₹5 crore without you having to file a civil suit. The catch is that almost none of this is well known, and the process gets harder the longer you wait.
This guide walks through the full Indian remedy stack in order: the emergency call to make first, the cybercrime portal complaint, the criminal-law sections that should be cited, the bank and RBI Ombudsman path, the Adjudicating Officer compensation route, the Telegram-specific reporting paths (and their limits), the evidence preservation checklist, and the jurisdictional reality of foreign-hosted scam channels. Sources are linked throughout and gathered at the end.
The single most important action after an online financial fraud in India is to dial 1930. This is the National Cyber Crime Helpline, operated 24/7 by the Ministry of Home Affairs through the Indian Cyber Crime Coordination Centre (I4C). It exists for one purpose: to coordinate fund freezes across the Indian banking system before scam money is withdrawn.
The reason to call 1930 before your own bank is structural. Your bank can only act on its own internal systems. The 1930 helpline runs on the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS), which connects more than 85 banks and payment intermediaries. When you call 1930 and report a transaction, the operator pushes a fund-freeze request through CFCFRMS to the receiving bank within minutes. If the money is still in the account when the request lands, it can be held while the case is investigated. If you call your own bank first, you lose the head start on the receiving institution — and most scams move funds out within hours.
The call typically takes 10-15 minutes. At the end of it, the operator issues an acknowledgement number and confirms the fund-freeze request has been pushed. After the call, you should still notify your own bank's fraud line independently — that opens the bank's internal case — but the 1930 call has already triggered the most time-sensitive action.
Reported recovery rates from the 1930 system, where complaints are filed within hours of the fraud, sit in the 20-30% range. After 24 hours, recovery odds fall sharply.
The 1930 call should be followed within 24 hours by a formal written complaint on the National Cyber Crime Reporting Portal (NCRP) at cybercrime.gov.in. The NCRP is the official Government of India platform for cybercrime complaints; it's the system that creates the case file used by state-level Cyber Crime Cells, the Central Bureau of Investigation, and the Indian Cyber Crime Coordination Centre.
The NCRP complaint is what authorises the cyber crime cell in your state to open an investigation. Without it, the 1930 fund-freeze request can hold money temporarily but there's no formal case to prosecute. Together, the two are the foundation of every other remedy in this guide.
Indian law treats online fraud under two overlapping codes: the Information Technology Act, 2000 (as amended) for technology-specific offences, and the Bharatiya Nyaya Sanhita, 2023 for the underlying criminal offences. Most cases cite both. The IT Act sections you'll see most often:
This applies when a person accesses your computer, mobile, or online account without permission — including hacking your email, taking over a social-media account, or accessing a banking app on your phone. Section 43 carries civil liability for damage caused; this is the section that's commonly invoked when you seek compensation under Section 46 (covered below).
The criminal extension of Section 43. If the unauthorised access was committed dishonestly or fraudulently, Section 66 applies — punishable with imprisonment up to three years, a fine up to ₹5 lakh, or both. Most account-takeover and credential-theft cases cite Section 66 alongside Section 43.
Applies when someone fraudulently or dishonestly uses your electronic signature, password, or any other unique identification feature. This is the standard charge for cases where a scammer used your stolen Aadhaar, PAN, banking credentials, or biometric data to commit fraud. Punishable with imprisonment up to three years and a fine up to ₹1 lakh.
This is the most-cited section in UPI fraud, fake customer-care scams, and impersonation cases. It applies when a person, by means of any communication device or computer resource, cheats by impersonation. Punishable with imprisonment up to three years and a fine up to ₹1 lakh. Almost every online scam where the fraudster pretends to be someone else — bank staff, a delivery agent, a relative, a trader on Telegram — gets charged under Section 66D.
Since 1 July 2024, India's general criminal code is the Bharatiya Nyaya Sanhita 2023, which replaced the Indian Penal Code. The BNS doesn't create a separate cyber-crime chapter — instead, it modernises the underlying offences (cheating, criminal breach of trust, forgery, criminal intimidation) so that they apply naturally to acts committed online. For online fraud cases, two BNS sections do most of the work:
The BNS replacement for IPC Section 415/420. Section 318 defines cheating as fraudulently inducing someone to deliver property, consent that property be retained, or do or omit any act they wouldn't otherwise have done, where the deception causes harm. This is the standard charge for the substantive fraud in any UPI scam, online-shopping scam, investment fraud, or phishing case — the part that captures the actual loss of money or property, separately from the technical means.
The BNS analog to IT Act Section 66D, focused on the impersonation element. Section 319 applies when a person cheats by pretending to be someone else — through a fake email, fake website, fake social-media profile, or fake online identity. Punishment is imprisonment up to five years, a fine, or both.
Most charge sheets for Indian online fraud now cite the relevant IT Act sections (43/66/66C/66D) together with BNS 318 and 319. The combined framing strengthens the case: the IT Act covers the technical act and supports civil compensation, while the BNS sections carry the substantive criminal charges.
Independent of the criminal investigation, you have a separate consumer-protection route through your bank and ultimately the Reserve Bank of India.
Within three working days of the fraud, file a written complaint to your bank's grievance redressal cell. Reference the 1930 acknowledgement number and the NCRP case number. Under the RBI's Customer Protection circular on limited liability for unauthorised electronic banking transactions, your liability for an unauthorised transaction is heavily limited if you report it within three working days — and zero if the fault was the bank's. Reporting between four and seven working days caps your liability at a defined amount; beyond seven, you bear more of the loss.
If the bank fails to resolve the complaint within 30 days, or you're dissatisfied with the resolution, you can escalate to the RBI Integrated Ombudsman Scheme at the RBI's Complaint Management System portal (cms.rbi.org.in). The Integrated Ombudsman Scheme covers banks, NBFCs, and payment-system operators under a single forum. Filing is free, and the Ombudsman can direct the bank to refund you, compensate you for inconvenience, and pay associated costs. There's no fee for the consumer.
For amounts beyond the Ombudsman's standard reach, or for service-deficiency claims, the District/State/National Consumer Disputes Redressal Commissions remain available. These are slower but enforce stronger orders.
One of the most under-used remedies in Indian cyber law is the Adjudicating Officer mechanism under Section 46 of the IT Act. Most online-fraud victims don't know it exists, but it can be the fastest way to formal compensation for losses caused by an IT Act contravention.
Section 46 empowers the Central Government to appoint Adjudicating Officers — officers not below the rank of Director to the Government of India or equivalent state-government rank — to adjudicate cases under the IT Act and award penalty or compensation. Each state and union territory has at least one Adjudicating Officer designated; the role is typically held by the IT Secretary or equivalent.
The Adjudicating Officer has jurisdiction over IT Act contraventions where the claim for damage or compensation does not exceed ₹5 crore. Above that threshold, jurisdiction shifts to the competent civil court. For the vast majority of individual fraud cases, ₹5 crore is a ceiling — not a floor — so Section 46 covers your case.
The Adjudicating Officer has the powers of a civil court — summoning witnesses, requiring document production, conducting an inquiry, and awarding compensation. Decisions are appealable to the Telecom Disputes Settlement and Appellate Tribunal (TDSAT, which absorbed the former Cyber Appellate Tribunal's functions).
The process is faster and more accessible than civil-court litigation, though under-resourced in practice — typical case timelines run six to eighteen months. For losses where the bank has refused to refund and the Ombudsman route hasn't resolved the matter, this is often the right next step.
Telegram has become a major fraud surface in India — particularly for fake job offers, investment-group scams, fake customer-care impersonation, and the cross-border crypto P2P frauds covered in our Telegram P2P safety guide. The reporting paths are limited but worth using.
Open the user's profile, tap the three-dot menu, choose Report, and select Scam. For groups and channels, the same path applies. Reports feed Telegram's scam-classifier and contribute to the platform's mass-takedown operations — Telegram blocked over 43.5 million channels and groups globally in 2025. They will not return your money but they reduce the lifespan of the operator's account.
For higher-impact cases, email abuse@telegram.org with a one-page summary, the username(s), screenshots, and your NCRP case reference. Telegram is selective in its responses, but well-documented complaints — particularly involving multiple victims or ongoing campaigns — do see action.
One of the persistent gaps in Indian cyber-crime enforcement is that Telegram has historically been slow to respond to Indian law enforcement requests. Unlike Meta's platforms, which maintain dedicated India-facing law-enforcement liaison processes, Telegram's response to Indian police data requests is sporadic. The 2024-2025 enforcement actions against Telegram's leadership in France led to a noticeable improvement in cooperation globally, but India-specific coordination remains uneven. In practical terms, this means that even with an NCRP case open and a Section 65B-compliant evidence package, getting Telegram to disclose subscriber records on a particular account takes longer in India than in jurisdictions with stronger MLAT (mutual legal assistance) infrastructure.
You should still file with Telegram and through Indian law-enforcement channels — the reports build the case — but recovery from a Telegram-only fraud will more often depend on freezing the receiving bank account through 1930 than on identifying the Telegram operator. Concentrate the bulk of your effort on the financial side of the trail.
Indian cybercrime cases require evidence that meets the standards of Section 65B of the Indian Evidence Act (now covered under analogous provisions in the Bharatiya Sakshya Adhiniyam 2023, which replaced the Indian Evidence Act on 1 July 2024). Electronic evidence must be accompanied by a certificate confirming how it was generated and that the originating computer was operating properly at the time. Without this, evidence can be excluded at trial.
Save copies in at least two places — the original device, an external drive, and ideally a cloud account that maintains version history (Google Drive or a similar service). Don't edit or annotate the originals; if you need to add notes, do so in a separate document.
The hardest cases in Indian online fraud are those where the scam infrastructure sits outside Indian jurisdiction — foreign-registered Telegram channels, overseas crypto exchanges with weak KYC, fake e-commerce sites hosted on bullet-proof providers in jurisdictions that don't cooperate, and pig-butchering operations run from compounds in Cambodia, Myanmar or the Philippines.
Indian law enforcement's ability to act in these cases depends on Mutual Legal Assistance Treaties (MLATs), interoperability with Interpol, and cooperation from the destination platforms. In practice, the speed of these processes is measured in months and years, not days. For the great majority of individual fraud cases, the realistic recovery comes from freezing money before it leaves the Indian banking system — which loops back to the urgency of calling 1930 within hours of the fraud.
For larger, well-documented cases, particularly where multiple Indian victims are involved in the same operation, the I4C's Joint Cyber Coordination Teams (J-CCTs) can be effective — they pool intelligence across states, coordinate with central agencies, and have driven several large takedowns of pig-butchering and investment-fraud operations targeting Indian victims. The NCRP complaint is the entry point to this pipeline; the J-CCTs draw on NCRP data when clusters cross threshold.
The cybercrime portal accepts complaints at any time, and the criminal-law sections under the BNS and IT Act don't have short limitation periods. But fund recovery through 1930 depends on speed; after 24 hours, recovery probability falls sharply. The bank's limited-liability protection under the RBI Customer Protection circular also has tight reporting windows (3 working days for full protection).
No. The portal is built for direct citizen access and the form is straightforward. A lawyer becomes useful if the case progresses to FIR registration, charge sheet filing, or Section 46 adjudication — particularly where you are seeking compensation or where the bank is contesting liability.
No. Both are free Government of India services. Anyone asking you to pay a fee to file a 1930 complaint or a cybercrime portal report is running a follow-on scam. Genuine government cybercrime services do not charge consumers.
This happens when funds you've received turn out to be from a fraud, even if you weren't complicit. Reach out to your bank's compliance team with the relevant evidence (1930 acknowledgement, NCRP case number, original transaction context) and request the freeze be lifted on documented portions. Specialist unfreezing-bank-account guides are available, and law firms with cyber-fraud practice can negotiate with the bank's compliance team if the freeze persists.
Yes — file with cybercrime.gov.in even if the fraudster is based abroad. Indian authorities can pursue cross-border cooperation through MLATs and Interpol channels for larger cases. Recovery is harder but the report is still valuable, both for the pattern-matching it contributes to and for any future restitution if the operation is later prosecuted.
UPI fraud is handled in the same framework. The 1930 helpline is the first call; the NCRP complaint follows; the bank and NPCI are notified through the same process. NPCI's Customer Compensation Policy may apply where the fault was at the rail level rather than the customer's. UPI's real-time settlement makes the time pressure even more acute — minutes matter.
State cyber crime cells often prioritise senior-citizen cases under their vulnerable-victim protocols, and several states have dedicated senior-citizen cybercrime helpdesks. Mention senior-citizen status in the NCRP complaint and on the 1930 call; this typically routes the case for prioritised handling.