Across India, fraudsters are shifting tactics, moving away from complex system hacks to manipulating people. Whether it’s a panicked “digital arrest” call, a convincing deepfake voice of a loved one, or a lucrative investment group that slowly builds trust, today’s scams are designed to trigger emotion before logic has a chance to intervene. Social engineering thrives on fear, urgency, authority, and greed, pushing victims to act quickly without verification. In this evolving threat landscape, understanding how these psychological attacks work is no longer optional—it is essential for survival in a digital-first world.
Cybercrime is no longer just about hacking systems; it is about hacking people. From fake trading groups to “digital arrest” calls and deepfake voices, the biggest weapon in today’s cyber fraud ecosystem is social engineering, a method where criminals manipulate human behaviour to steal money and data.
And the numbers clearly show why this matters. In India, cyber incidents have surged from 10.29 lakh cases in 2022 to 22.68 lakh in 2024, reflecting the massive expansion of digital risks. At the same time, nearly 60% of cyber breaches involve human factors such as phishing, manipulation, or trust exploitation.
In simple terms people, not systems, are now the weakest link.
What is social engineering?
Social engineering is a type of cyberattack that does not rely on breaking into systems or exploiting technical vulnerabilities, but instead focuses on manipulating human judgement. It involves psychological tactics where fraudsters deceive individuals into sharing sensitive information or transferring money by making the situation appear urgent, legitimate, or emotionally compelling.
Fraudsters impersonate trusted entities like bank officials or police, create urgency through threats or warnings, and build trust via fake groups or profiles. They exploit fear and greed to push victims into acting without proper verification.
“Social engineering attacks succeed not because of technology gaps, but because they exploit emotions, fear, trust, and urgency. Once the mind is compromised, the system follows,” says Adv Rajas Pingle, Cyber & AI expert.
The rise of psychological cybercrime
Recent cases across India show how social engineering is evolving rapidly. In “digital arrest” scams, victims are threatened with fake legal action and pressured to transfer money. In deepfake frauds, they hear voices of their own family members asking for urgent help, while in impersonation scams, criminals pose as immigration officers, bank staff, or police officials. In one such case, a victim was manipulated through a fake video interrogation and lost lakhs under pressure. These are not random attacks; they are carefully designed psychological operations.
How scammers manipulate you
Cybercriminals follow predictable behavioural triggers:
– Authority: “Police,” “CBI,” “bank official”, people trust authority figures.
– Urgency: “Act now or your account will be blocked.”
– Fear: “You are involved in a crime.”
– Greed: “Earn 300% returns.”
– Trust building: Weeks of conversation before asking for money. Research shows phishing, the most common form of social engineering, is used as the entry point for most major cyber-attacks globally.
“Today’s scams are not rushed. Fraudsters invest time in understanding the victim, their behaviour, and their vulnerabilities. It is targeted manipulation, not random fraud,” explains Adv. Pingle.
Why Pune is especially vulnerable
– Pune represents a perfect target for social engineering attacks:
– Large student population
– High number of IT professionals and online investors
– Growing use of UPI, trading apps, and digital platforms
– Increasing number of elderly users adapting to technology
– Each group is vulnerable in a different way: Students are often targeted through job and internship scams, professionals fall prey to trading and investment frauds, while elderly citizens are more vulnerable to impersonation and APK-based scams. This wide range of targets across different groups makes Pune a high-value cybercrime zone.
The role of AI: Making scams more dangerous
The next phase of social engineering is powered by artificial intelligence.
– AI-generated phishing emails look flawless
– Deepfake voices mimic real people
– Personalised scams use data from social media
– Experts warn that deepfake technology will significantly amplify cyber fraud in the coming years, making scams harder to detect.
“AI has made deception scalable. Earlier, scams were generic. Today, they are personalised, believable, and extremely difficult to identify,” says Adv. Pingle.
Real risk: It can happen to anyone
One of the biggest myths about cyber fraud is that it only affects the unaware. Professionals are getting duped, senior citizens are actively targeted, and even experienced users fall for scams. In fact, over 80% of cyber breaches globally involve human error or manipulation, not technical failure. This means awareness is no longer optional, it is essential.
Cybercrime today is not just about technology; it is about human behaviour. Social engineering attacks succeed because they look real, feel urgent, and sound convincing. In that moment of panic or excitement, people often act without thinking. “The biggest defence against cybercrime is not software, it is awareness. If you pause, question, and verify, most scams fail instantly,” concludes Adv. Rajas Pingle.
In a city like Pune, smart, digital, and fast-growing the real challenge is not access to technology, but understanding its risks.
BOX: Common Social Engineering Scams in Pune
– Fake trading & investment groups
– Loan approval scams
– Digital arrest calls
– OTP/KYC fraud
– APK & remote access scams
– Social media marketplace fraud
BOX: How to stay safe
– Never trust urgency, pause and verify
– Do not share OTPs, PINs, or banking details
– Avoid downloading apps from unknown links
– Verify calls claiming to be from banks or police
– Cross-check investment platforms before investing
– Report immediately on 1930 or cybercrime.gov.in
