Authored By: Shivam Chaurasiya
Guru Ghasidas Vishwavidyalaya Bilaspur Chattisgarh
In this evolving era of technical society, people have become increasingly dependent on various gadgets that make life simpler and faster. With the help of the internet, people throughout the world are now continuously connected. However, this connectivity comes with side effects; computers and the internet can pose serious threats to our personal and professional lives.
Cybercrime is a dangerous and growing reality. In India, the Information Technology (IT) Act, 2000 serves as the primary law to tackle these issues, providing legal recognition to electronic records and digital signatures.
Fake profile used for loan fraud . criminal liability under section 66(c) and 66(d) of IT Act
Section 66(c) of information technology Act,2000 :- it criminalizes identity theft and fraudulent uses of another person electronic signature, password or other unique identification features. Punishment is upto 3 yr or fine of one lakh or both.
Section 66(d) of information technology Act,2000 :- it also criminalizes cheating by personation using a computer resources. Punishment is same of section 66(c) of IT Act.
Case name: Pankaj kumar @Guddu vs the state of bihar. Cr.Misc.no: 88474 of 2024 in the High court of patna. In this case petitioner is alleged for committing cyber fraud by luring innocent people for getting loan from Dhani finance using fake SIM and fake account. Actually, petitioner seeks bail instituted for his offence under section 66(c) and (d) of information technology Act,2000. The court found that petitioner name is not in FIR. The court also found that the police has recovered one mobile, laptop, printer, finger scanner, keyboard- mouse from the house and shop of the petitioner but, the petitioner have no connection with the alleged cyber fraud. The court granted bail to the accused. The case aptly describe the scenario of loan fraud by making fake profile.
Case name: Smt. Madhulika Sharma v the state of Karnataka. CRL.P 9710/2017 in the high court of Karnataka (2023). In this case the petitioner, smt. Madhulika sharma, is wife of the respondent. Actually, the respondent filed a complaint alleging that the petitioner conspired with a chartered accountant to hack into the directorate of income tax website and obtain the respondent’s form 26AS details by creating a fake user id, password, and email id. The cyber crime police filed a charge sheet under the sec 66(c) and 66(d) of IT Act.
There is a legal issue that whether it is punishable offence under sec- 66 (c) and 66(d) of IT Act, meaning it is fraudulent or dishonest activity in IT, Act or not. Section 24 and 25 of Indian penal code, 1860 or sec 2(7) and 2(9) of Bharatiya Nyaya Sanhita,2023 respectively deals about it.
Judgment: Actually, the case was between the husband-wife, meaning respondent and petitioner. The court held that the petitioner act (fake credentials) was done to produce evidence before the maintenance court for claiming maintenance under section 125 of cr.p.c. since, there is no such intention for the respondent, the definition of fraudulent and dishonestly doesn’t apply. Sec 66 (c) and (d) also not attracted.
Judgment attached…..
Case name; Ravari kiran kumar vs The home department of Maharashtra. APL/771/2020 (18 nov 2021), Bombay high court. Ravari the applicant filed under section 482 of CR.P.C to quash the FIR (first information report). The applicant alleged for the offences under section 66 (A) and (C) of IT Act, 2000. The alleged offence was fraudulent or dishonestly use of another’s signature, password or other. The legal issue arises that, is FIR or charge sheet disclose an offence under section 66(c) of IT Act. The court examined FIR and charge sheet and found no material to show, that the applicant do fraudulent or dishonest activity like copying electronic signature, password of another person. In conclusion The Bombay High Court constituted that applicant is solely sending email to other and that doesn’t constitute offence under section 66(c) of IT Act and quashed the FIR.
Judgment attached…
In the 1st case i.e Pankaj kumar @Guddu vs the state of bihar clarifies the incident that can aptly describe the current issue (fake profile uses for loan fraud) that relates to sec- 66(c) & (d) of IT Act.
The 2nd case i.e Smt. Madhulika Sharma v the state of Karnataka deals exception in the IT Act regarding the marital relation (husband-wife relation for claiming maintenance).
The 3rd case i.e ; Ravari kiran kumar vs The home department of Maharashtra deals about jurisdiction or quashing of FIR in IT Act.
Jurisdiction for FIR in cyber crime
pursuant to the section 154 of CR.P.C or 173 of BNSS deals about information in cognizable offences. The FIR can be lodged in any police station (preferred local police station). The high court have jurisdiction to quash an FIR, if accused doesn’t involve in the cyber crime (under section 482 of CR.P.C or 528 in BNSS). Case law;- Ravari kiran kumar vs The home department of Maharashtra.
Fake profile–based loan fraud represents a sophisticated form of cybercrime involving impersonation, misuse of digital identity, and exploitation of financial technology platforms. Such fraud typically involves the creation of fabricated online identities, forged KYC documentation, and manipulation of digital authentication systems. Sections 66(c) and 66(d) are particularly relevant in addressing these offences because they criminalize both identity misuse and cheating by personation. However, practical challenges persist. First, digital evidence collection requires technical expertise and adherence to procedural safeguards under the Indian Evidence Act. Second, jurisdictional issues arise because cyber offences may transcend territorial boundaries. Third, establishing mens rea in digital contexts often depends on circumstantial electronic evidence, which can be vulnerable to tampering or misinterpretation. From a policy perspective, stronger digital literacy, enhanced forensic infrastructure, and coordinated regulatory oversight are essential. The judiciary’s insistence on proving fraudulent intent ensures fairness but also necessitates robust investigative mechanisms. Therefore, while the statutory framework is conceptually sound, its effectiveness depends on institutional capacity and procedural rigor
Section 66(c) of the IT Act criminalizes identity theft, including the fraudulent or dishonest use of another person’s electronic signature, password, or unique identification feature.2 The punishment prescribed is imprisonment up to three years, or a fine up to one lakh rupees, or both. Section 66(d) criminalizes cheating by personation using computer resources.3 These provisions must be read alongside the definitions of “dishonestly” and “fraudulently” under Sections 24 and 25 of the Indian Penal Code, 1860.4 A key analytical issue arises regarding the mental element (mens rea) required under these provisions. Courts have consistently emphasized that mere technical access or unauthorized use is insufficient; the prosecution must establish dishonest or fraudulent intention. Thus, the statutory framework reflects a balance between preventing misuse of digital identity and safeguarding individuals from excessive criminal liability
Conclusion:-
All the case that were discussed (supra) were solely related to the Information Technology Act,2000 and its sec-66(c) & (d) were criminalizes the dishonest or fraudulent activity. Fraudulent activity were done by making fake id, profile, account or business for collecting unlawful gain (money) from others.
