top of page

Cyber Security and Social Media

The growing use of smartphones and internet access has made social networking one of the most common online practices. Social networking lets users interact, chat, and exchange information, photos, or videos with others around the world. Some of the popular social media platforms are Facebook, Instagram, LinkedIn, WhatsApp, Snapchat, YouTube, Tinder, Hike, Twitter, etc. The massive growth in the usage of social media sites / social networking networks has given cybercriminals a breeding ground for engaging in illicit activities.

Popular web media with too many active users are a scammer 's dream. Scammers may attempt to entice you by uploading dramatic or emotional breaking news headlines to click on; often capitalizing on a current news incident, or making up a fictional, surprising news item. The reasons are the same; scammers try to exploit certain myths for some potential financial gain.

Several different types of tactics will be used by scammers to try and trick you into wanting to take the trap. One should always keep few things in mind such as; Should not consider requests from strangers on social networking sites; If you do not know a person in real life, don't believe them; Do not post your personal information on social media, such as emails, telephone number, date of birth etc; Don't share your sensitive personal photos and social media videos; and many other important steps to keep in mind always.

Social platform attackers target websites with huge user bases like Facebook, LinkedIn, Twitter, Instagram, and others. Facebook reports that 50 million to 100 million of its active users' accounts are fake duplicates and that as many as 14 million of those are "undesired" on the site.

After becoming the target of cybercrime at different social media sites, many people continue to pay the price. After such bad experiences, many people even terminate their social media account and deactivate it. Deleting or deactivating the account is not the solution and will not reduce the chance of cyber-attack.

Initially, when using any social media platform, you must decide which knowledge to disclose and which is not. Nearly all social media site will allow you to decide how much information on the network you want to share with your peers and other users. As per your requirements, you can choose your privacy settings.

Cyber Security laws in India

Indian Penal Code, 1980

The Indian Penal Code (IPC), 1860: invoked along with the Information Technology Act of 2000: embodies identity theft and associated cyber fraud. The main relevant IPC section covers cyber fraud:

  1. Forgery (Clause 464)

  2. Forgery for cheating pre-scheduled (Section 468)

  3. False paperwork (Section 465)

  4. Presenting as genuine a forged document (Section 471)

Information Technology Act, 2000

The Information Technology Act regulates the Indian cyber rules. The essential purpose of this Act is to provide eCommerce with secure legal inclusiveness, enabling the registration with the government of real-time documents. But a series of amendments followed with the cybercriminals becoming sneakier, surpassed by the human propensity to exploit technology.

The ITA, passed by the Parliament of India, highlights the severe penalties and restrictions that safeguard the sectors of e-governance e-banking, and e-commerce. Now to cover all the new communication devices, the reach of ITA has been expanded. The IT Act is the key one, directing the entire Indian law to regulate cybercrimes rigorously:

Section 43: Applicable to individuals who, without the owner's permission, damaged computer systems. In such instances, the owner can fully claim compensation for the actual damage.

Section 66: Applicable if a person is found to have committed any act referred to in section 43 dishonestly or fraudulently. The term of imprisonment can be up to three years or a fine of up to Rs. 5 lakhs in such cases.

Companies Act, 2013

Under the company act of 2013, corporate actors refer to the legal obligation required to refine their daily operations. All the necessary techno-legal compliance is established in the directives of this Law, which legalises the less complying businesses.

The company act has authority to prosecute Indian firms and their directors through the SFIO (Serious Fraud Investigation Office). SFIOs have also become even more proactive and stern in this respect, following the notification of Company Inspection, Investment, and Inquiry Rules, 2014.

The legislature ensured that all regulatory compliance, including cyber forensics, electronic discovery, and cybersecurity, was well covered. Under the rules of Companies (Management and Administration), strict guidelines confirm that company directors and managers are obligated and responsible for cybersecurity.

NIST Compliance

A harmonised approach to cybersecurity as the world's most credible certifying body is the cybersecurity system, approved by the National Institute of Standards and Technology (NIST).

NIST Cybersecurity Structure provides all guidelines, standards and best practises required for responsible management of cyber-related risks. Flexibility and cost-effectiveness are the priority of this system. The resilience and security of the vital infrastructure are promoted by:

  1. Better interpretation, control, and risk mitigation – to reduce data loss, data abuse, and associated recovery costs.

  2. Identifying main events and essential activities - to ensure them

  3. Shows the trust of organisations that protect essential assets

  4. It helps prioritise the ROI for cyber protection.

  5. Answer regulatory and contractual conditions

  6. Supports the broader protection of information


With growing human dependence on technology, cyber laws need to update and refine in India and around the globe continuously. The pandemic has also forced several workers into a remote operating module to increase the demand for app protection. Legislators must go the extra mile to remain ahead of the impostors to prevent them from coming.

Cybercrimes are regulated, but joint efforts are required by legislators, Internet or network owners, intercessors such as banks and shopping centres and most of all, consumers. Cybercrimes are not controlled. It can only bring about online protection and resilience through prudent measures by these stakeholders to ensure that they contain their rights under cyber law.

Be careful and cautious about both sending and accepting a request from friends, particularly from unknown people. If you join some party over these social media sites, be careful. As also mentioned before, always try to verify an individual's identity before you send or accept any request from a friend. Avoid any request from those people who you do not know. Be careful when you must give too much personal information when you join any group.

Through being a little aware and alert when using social media sites, we will mitigate the possibility of cyber-attack or cybercrime. Do not share your password or any personal important information with friends or colleagues, or on any online form. To prevent credit/debit card theft, it is often recommended to stop exchanging information about your debit or credit card through such social media networks.

Written By: Ms. P. Renuka Sai, 2nd Year Law Student, Damodaram Sanjivayya National Law University, Vishakhapatnam, Law Intern at S. Bhambri & Associates (Advocates), Delhi.

13 views0 comments

Recent Posts

See All

I. BACKGROUND The advancement of internet trend has caused a shift in the business sector. Many business organisations have migrated to the internet realm of marketing and commerce, inc

Introduction Black’s law dictionary defines Double Jeopardy as: – A second prosecution after a first trial for the same offense. In India, protection against double jeopardy could be an elementary rig

bottom of page