Libertatem Magazine

Libertatem: Navigating Legal Perspectives

Beware of Phishing Scams: Paytm Claims Its Customers Suffer From Fraud

Contents of this Page

The Delhi High Court has issued a notice to the Central Government, TRAI, and various telecoms on the matter of Paytm’s plea. The notice seeks the stand taken by the various parties on the allegations by Paytm.

Petition Filed

One97 Communication Ltd is the company which runs Paytm. It has filed a petition before the Delhi HC. The Petitioner has alleged its customers suffering from fraud. This allegation is due to phishing activities over various mobile networks. Consequently, the petitioner states that network companies are not adequately blocking phishing. As a result, this leads to the defrauding of its customers. 

The petitioner contends violation of privacy, under Article 21 of the Indian Constitution. Additionally, the Petitioner has alleged that the companies have violated their obligations. This is specifically with regard to the Telecom Commercial Communications Customer Preferences Regulations. 

Further, the Petitioner has claimed reputational and financial loss. This is as a result of phishing activities. Hence, the petition makes a claim of ₹100 Crore. The Bench of the Delhi HC comprised of Justice D.N. Patel and Prateek Jalan. On hearing of the petition, the bench has issued a notice to mobile network companies. In addition to this, it has sent notices to TRAI and the Central Government. 

What is Phishing?

India Law Offices defines “phishing” as an attempt to receive sensitive information. This is done by posing as a trustworthy entity. This deceitful practice includes sending emails as part of reputable companies. These emails lead to fake websites of such companies. Thus, the intention of phishing activities is to coax individuals to provide their personal details. Passwords, credit card details and other such sensitive information are considered to be personal information. 

There has been an increase in phishing cases in India. The causes of this increase are as follows:

  1. Lack of awareness amongst the public: There is a lack of awareness about current phishing schemes among the public. Users are unaware that their personal information is being targeted.
  2. Lack of awareness about policy: Users are unaware of the policies and procedures that deal with fraud.
  3. Technical sophistication: There is the use of sophisticated technology for their activities. As a result, it is harder to recognize the use of false means to extract information.

Information Technology Act, 2000 (IT Act, 2000)

The IT Act, 2000 provides legal recognition to transactions done through electronic means. The following provisions cover the act of phishing:

Section 43 

Section 43 provides for ‘Penalty and compensation for damage to a computer system’. Sub-section (i) of the provision deals with phishing. This provision talks about damaging or altering any information in a computer source. It states that if any party diminishes the value of any information, or affects it, they will be liable. As a result, such parties will be liable to pay damages by way of compensation to the parties affected.

Section 66 

Section 66 provides for ‘Computer-related offences’. It serves as an extension of Section 43. It states that any party who dishonestly participates in the acts mentioned under Section 43, is liable. The penalties provided are imprisonment for up to three years or a fine up to ₹5 lac or both. 

Section 66 C

The provision provides for ‘Identity Theft’. It penalizes any party that uses any unique identification of another party. The penalty laid down under the provision is imprisonment for a term up to three years or a fine of up to ₹1 lac. 

Section 66 D

Section 66 D provides for ‘Punishment for cheating by personation using computer resource’. It states that any party who cheats by personation will be held liable under the Act. The penalty for such parties is imprisonment for up to three years or a fine of ₹1 lac.

Telecom Commercial Communications Customer Preferences Regulations, 2018

Rule 3

Rule 3 falls under ‘Commercial Communication through Access Provider Network’. It states that access providers should ensure registration of any commercial communications. Additionally, it provides for continued unsolicited communication. In the case of unsolicited communication persisting, telecom resources get disconnected. The petitioner claims that telecom companies have a duty to stop phishing activities. However, due to inaction from these companies, this was not possible. Thus, many customers of the petitioner were defrauded. 


Phishing has become a growing threat to the world. This is due to the development and advancement of technology. In light of recent events, it is clear that even large corporations are not safe from phishing. While the parties are yet to reply to the notice, it may be assumed that there will be an increase in the number of cases. Hence, the judiciary has the responsibility to lay down precedent and prevent phishing. is now on Telegram. Follow us for regular legal updates and judgements from the court. Follow us on Google News, InstagramLinkedInFacebook & Twitter. You can also subscribe to our Weekly Email Updates. You can also contribute stories like this and help us spread awareness for a better society. Submit Your Post Now.

About the Author