The intersection of IP rights and cybersecurity as growing integration of tech and business increases risk of cyberfraud

Introduction

The growing integration of technology and business in India has greatly improved digital accessibility. However, it has simultaneously exposed citizens to a rise in cyber fraud. According to a press release from the Press Information Bureau on 8 October 2025, cybersecurity incidents in India have risen from 1 million cases in 2022 to 2.2 million cases in 2024. The Indian Cyber Crime Coordination Centre (I4C) under the Ministry of Home Affairs reported that Indians have lost approximately 7000 crores (US$791 million) to online scams in the first five months of the year 2025 alone.

Recent years have seen marked escalation in fraudulent schemes involving counterfeit products and services. Commonly, these scams imitate well-known brands to exploit consumer trust. Group-IB’s Digital Risks Trend 2023 report noted a 304 per cent increase in fraudulent activities mimicking popular brands since 2022 and warned that scammers are increasingly targeting new markets where consumers are less aware of their activities. Cybercrimes involving reputed brands and copyrighted content cause serious reputational and financial damage to intellectual property owners as they mislead legitimate consumers, erode brand credibility and reduce revenue. Consumers, in turn, are directly impacted with immense financial loss, data theft and privacy violations.

Different strategies adopted by cybercriminals

Cybercriminals employ diverse and increasingly sophisticated methods to defraud consumers by exploiting the credibility of well-known brands. Several common strategies include:

• Use of similar domain names/websites/mobile applications: One of the most prevalent methods involves registering domain names similar to official websites, using typographical variations, slight modifications, unusual extensions, use of sub-domains or alternate country code top-level domains. These fraudulent websites and mobile applications are often meticulously designed to visually replicate legitimate platforms, and mislead consumers.
• Ponzi and pyramid schemes: There has also been a resurgence of scams misusing established brand names, or impersonating key company officials to orchestrate quick-money schemes They usually demand small investments by promising unrealistic high returns. Such activities are often portrayed as legitimate by using forged government approval certificates, and operating covertly through encrypted messaging mobile applications or platforms, such as Telegram and WhatsApp.
• Fake job recruitment/distributor/franchisee schemes: Scammers impersonate genuine company or human resources representatives from well-known brands to target innocent jobseekers or potential business partners. Victims are tricked into paying upfront payments for securing high-paying job positions or obtaining distributor or franchise rights. They usually issue forged job offers or franchise agreements to substantiate their claims.
• Malware-based attacks: Malicious URLs exploit popular brand names to unsolicited and harmful content (drive-by downloads, device mirroring tools, viruses, spyware, ransomware, etc). Users are tricked into disclosing sensitive information such as login credentials, credit card details or personal data, and resulting in monetary losses, breach of personal data, identity theft, and unauthorised access to intellectual property.
• Hosting pirated content on their websites: There has been rampant piracy of copyrighted content such as movies, television shows, broadcast of popular games, etc. These materials are often made available for direct download on infringing websites. When such websites are restricted, several other mirror websites emerge instantaneously disseminating the infringing content.
• Phishing attacks using deepfakes: Artificial intelligence is being increasingly used to create highly convincing emails, voice clones, deepfake videos impersonating corporate executives, financial advisers and celebrities. These deepfakes are used to make fraudulent requests for fund transfer or sensitive data. Attackers also establish fake social media accounts to conduct financial or data theft.

Remedies available to brand owners

Government initiatives to enforce criminal action

The Indian Computer Emergency Response Team (CERT-In) established under the Information Technology Act, 2000 (IT Act) functions as a national agency for responding to cybersecurity incidents. CERT-In operates the National Cyber Coordination Centre (NCCC), which serves as a control room to facilitate coordination between different agencies to mitigate cybersecurity threats.

In order to address cybercrimes comprehensively, the Indian government has also set up the I4C. A core component of I4C is the National Cyber Crime Reporting Portal (NCRP), which allows the public to report cybercrime, so that prompt criminal action can be initiated under the provisions of the IT Act, and the Bhartiya Nyaya Sanhita 2023 (BNS) (Indian penal law). In January 2024, NCRP introduced a ‘Report suspect’ feature for quick reporting of suspicious websites.

Both cybercrime victims and intellectual property right owners can initiate criminal proceedings against such activities. However, electing criminal law remedies present several challenges, especially when the scale of operations is spread across multiple platforms and websites (requiring court orders for blocking access to the fraudulent URLs).

Domain name complaints/takedowns

Action can be taken against unauthorised domain names resembling well-known brands. Complaints against domain names ending with country code top level domain names .in, co.in and .bharat can be filed with the National Internet Exchange of India (NIXI). Complaints against top level domain names such as .com can be filed with various authorities under the Uniform Domain Name Dispute Resolution Policy (UDRP). The UDRP permits filing complaints against multiple domain names if they are registered by the same individual.

Although domain name proceedings provide quick relief, they often fail to be an effective tool against fraudulent websites which frequently mushroom with minor alterations after they have been taken down. Moreover, it is difficult to attack their entire operation spread across multiple websites, mobile applications, social media platforms and communication platforms.

Civil suits

Court action in the form of a civil suit provides a holistic remedy against brand-related cybercrimes. Over the past decade, Indian courts have increasingly recognised the scale of online piracy and fraud, and have become very liberal in granting injunctions.

The Delhi High Court in UTV Software Communication Ltd and Ors v 1337X.TO and Ors, CS(COMM) 724/2017 (UTV Software) recognised the concept of ‘rogue websites’, and outlined key factors to identify such websites, including:

• whether the primary purpose of the website is to commit infringement;
• degree of flagrancy of the infringement or facilitation of infringement;
• use of masked and untraceable registrant details;
• evidence of the website owner’s disregard for intellectual property rights;
• failure to respond to takedown notices; and
• high volume of traffic or frequency of user access to the website, etc.

The Court emphasised the need to adopt a qualitative rather than a quantitative approach while evaluating rogue websites. Relying on the earlier Division Bench judgment in Department of Electronics and Information Technology v Star India Pvt Ltd, FAO(OS) 57/2015, the Court acknowledged that blanket blocking orders against entire websites are the most effective measure, as continuously identifying and blocking individual infringing websites is impractical. This difficulty is compounded by the tendency of rogue websites to modify their URLs frequently through minor alphanumeric variations.

In civil suits of such nature, the plaintiffs may implead websites/domain names which are recognisable at the instance of filing the suit and seek injunctions against John Doe defendants (unnamed defendants whose identity is unknown at that time and may be using fictitious identities). Such cases also typically include domain name registrars (DNRs), and any other intermediary platforms which may be hosting or advertising infringing content (Google, WhatsApp, Telegram, social media platforms, etc). In cases involving financial frauds, payment gateway platforms, banks and telephone operators are also impleaded to help unmask the details of the persons profiting from the fraud, and to freeze bank accounts or mobile numbers involved in illegal activity.

Courts usually order intermediary platforms and DNRs to promptly takedown, remove, block or suspend domains, URLs, or posts associated with infringing content. Courts may further direct payment gateway platforms, banks and telephone operators to block, suspend or delete specified mobile numbers and bank accounts, and require them to disclose the complete Know Your Customer (KYC) documents and bank statements of the implicated parties. Courts also direct National Cyber Cell and relevant cyber police stations to conduct investigation and provide status reports to the court along with relevant information about the persons involved in the fraudulent activities. Government bodies such as the Ministry of Communications and the Ministry of Electronics and Information Technology (MeitY) are also instructed to ensure all ISPs block access to identified websites.

Evolving nature of reliefs granted by Indian courts

Dynamic injunction

In UTV Software, the Delhi High Court for the first time in India, recognised the ‘hydra-headed’ nature of rogue websites, which upon being blocked, actually resurface as alphanumeric or mirror websites. To address this, the court introduced dynamic injunction so that courts are freed from constant monitoring and adjudicating the issue of resurfacing websites, and the plaintiffs are not burdened from filing new suits.

Accordingly, the court allowed plaintiffs to implead any new website by placing on record an affidavit with sufficient evidence. It delegated powers to the joint registrars (court officers tasked with ensuring the parties’ compliance with the procedural aspects of the law applicable to the suit) to issue directions to ISPs to block access in India to such mirror websites.

Since this decision in UTV Software, various orders have been passed by several courts nationwide to prevent online piracy and consumer fraud.

Dynamic + injunction

Subsequently, the Delhi High Court in Universal City Studios LLC and Ors v Dotmovies.baby and Ors, CS(COMM) 514/2023, in order to keep apace with the dynamic nature of the infringement undertaken by hydra-headed websites, issued a dynamic+ injunction allowing the protection of copyrighted works as soon as they are created. Essentially, apart from the copyrighted works that were the basis of the suit, the plaintiffs were granted injunction even against their future works. The production studios can therefore demand the courts to block access of websites which host any pirated copies of their films/music or any other artistic work that are yet to be created.

Superlative injunction

Thereafter in Star India Pvt Ltd v IPTV Smarter and Ors, CS(COMM) 3365/2025, the court extended interim relief to permit real-time blocking of rogue websites irrespective of the mode of dissemination (website, mobile application, etc).

Accordingly, DNRs and ISPs were directed to block access to the infringing domain names/URLs on a real-time basis as and when notified by the plaintiff. This was specifically granted since the courts in India were closing for the summer vacation, which coincided with a major cricket tournament, to ensure that the plaintiff’s rights were not rendered futile in the virtual world when the infringement is actually taking place.

Such injunction orders demonstrate the creativity adopted by courts to respond swiftly and effectively to the sophisticated strategies employed by cybercriminals and ensure that judicial protection is able to keep pace with technological changes, and safeguard intellectual property rights and consumer interests.

Scope of omnibus injunctions

Courts have also considered requests for broad ‘omnibus injunctions’ that direct DNRs not to register any domains containing a registered or well-known trade mark. The Bombay High Court in Hindustan Unilever Limited v Endurance Domains Technology LLP and Ors, LC-VC-GSP-24 of 2020, noted that availability of a domain name by DNRs is an automated process, and refused to grant an order restraining the DNR from allowing registration of any domain name/website containing words that would infringe the registered trademarks.

Even in Bundl Technologies Pvt Ltd v Aanit Awattam alias Aanit Gupta and Ors, Commercial IP Suit (Lodging) No. 26549 of 2022, while the court refused to grant an omnibus and global temporary injunction, it recognised that the nefarious activities of the defendants had caused significant losses to the plaintiff and consumers alike. Accordingly, it ordered that DNR to notify the plaintiff whenever a domain name containing the plaintiff’s trademark is registered, such that the plaintiff could take appropriate action against such domain name.

In contrast, the Madras High Court in Galaxy Health Insurance Company Ltd v Hostinger Operations UAB, C.S. (Comm.Div.) No. 116 of 2025, granted a preliminary order restraining the DNR from offering or registering any domain name comprising the plaintiff’s registered trademark if the domain name applicant has an Indian business address. It is pertinent to note that this is a preliminary order and the DNR has not yet entered appearance to defend its stance.

Batch of matters seeking probable solutions pending before court

The Delhi High Court has grouped multiple suits involving widespread misuse of well-known trademarks, such as Dabur, Microsoft, Amazon, Tata and Amul, etc. The aim is to address larger issues involved in these matters and devise a potential mechanism to tackle the large-scale use of deceptive domain names imitating well-known trademarks/brand names. This batch of matters impleads the Internet Corporation for Assigned Names and Numbers (ICAAN), many DNRs, a large number of banks, MeitY, the Department of Telecommunications (DOT), NIXI, and government investigation authorities to assist the court in finding viable solutions.

During these proceedings, the court has passed several effective orders, including, directions to DNRs for the appointment of grievance officers in India and disclosure of registrant details implicated in these matters. The court is now primarily tasked to decide on the possibility of grant of omnibus injunctions against DNRs, as well as the validity of privacy features offered by the DNRs which allow the registrants to hide their details using privacy features. A judgment has been reserved by the court, and is likely to be pronounced in the coming months.

Preventive steps to be taken by stakeholders and IP owners

Given the accelerating pace and sophistication of cybercrimes involving intellectual property, IP owners must adopt proactive and preventive strategies such as:

• Swift action against identified threats: Once any fraudulent website, mobile application, or social media handle impersonating a brand is identified, immediate legal and technical action should be initiated. IP owners must coordinate with DNRs, ISPs, e-commerce platforms, social media platforms, and relevant law enforcement agencies to block access to the identified websites and initiate takedown and suspension requests. If necessary, brands should also approach courts swiftly demanding for the grant of dynamic injunction to prevent proliferation of websites.
• They may also report instances of suspicious websites/domain names to the NCRP and I4C which can expediate immediate action against such websites, and initiate investigations against the persons behind such nefarious activities.
• Constant monitoring of fraudulent activities: Brands should employ advanced online brand protection tools, watch services, Internet sweep services and AI-based monitoring mechanisms to track domain name registrations, social media and website impersonations misusing their trademark. They may also establish a dedicated in-house cyber monitoring team or partner with digital threat intelligence agencies to flag suspicious activities.
• Consumer awareness and communication: Once fraudulent domain names or scams have been identified, brands should promptly issue advisories through their official websites, verified social media handles and email notifications alerting their consumers to beware of such scams. They must educate their consumers in identifying the official modes of engagement, their verified URLs and websites and how they can distinguish between genuine and fraudulent websites. Brands, especially those involved in the financial, banking and insurance sectors which are at high risk of being targeted, can also undertake periodic consumer education campaigns about phishing, fake job offers, fraudulent investment schemes, etc, which can significantly reduce susceptibility to such criminal activities.

Conclusion

The increasing sophistication of cyber frauds and their intersection of intellectual property violations with financial crimes require a unified policy driven approach and coordination amongst different enforcement agencies. While existing frameworks such as the government initiatives to report such crimes and judicial approaches by the courts have collectively strengthened the country’s response to cyber threats, the enforcement agencies are failing to catch up with the ever-evolving cybercriminals.

Legislative reforms should focus on enhancing intermediary accountability, mandating transparency during domain name registration and fortifying standards for data sharing and privacy. Practical solutions can be discussed and deliberated upon with regulatory stakeholders such as NIXI and banking associations to maintain a list of well-known trademarks and ensure that domain names, bank accounts, and Unified Payment Interface (UPI) IDs bearing such names are not allocated to unauthorised persons. Moreover, governments and corporations should invest in imparting digital literacy and cyber hygiene campaigns to prevent such cybercrimes, and safeguard consumers and intellectual property owners. There is a pressing need for an existence of a collaborative ecosystem with robust technological infrastructure, swift judicial recourse and inter-agency cooperation across national and international jurisdictions.