Criminal Law
Cyber Crime: What to Do in the First 24 Hours
If you've been targeted by online fraud, identity theft, or a serious data breach, the first day is the most important. A practical checklist for what to do and where to report.
Most cyber crime cases that fail in court fail because the victim destroyed or modified critical evidence in the first few hours. Acting fast is essential — but acting correctly is more important than acting quickly.
Step 1: Don't touch the evidence
Do not delete messages, emails, or screenshots — these are evidence
Don't reset your phone or reinstall apps
Don't try to log into the compromised account from a new device
Don't reply to or confront the perpetrator
Step 2: Stop financial bleeding
If money has been transferred from your account, call your bank immediately — most banks have a fraud helpline that can flag transactions for chargeback if reported within hours. The Reserve Bank's rules on zero liability protect customers who report within three working days.
Step 3: Document everything
Take screenshots showing timestamps, URLs, and full message threads. Save email headers (not just the body). Note dates, phone numbers, transaction IDs, and IP addresses where visible. Sign and date a written timeline of events.
Step 4: File a report
File a complaint on the National Cyber Crime Reporting Portal (cybercrime.gov.in)
Visit the nearest cyber crime cell with printed evidence
File an FIR if a cognizable offence is involved — under the IT Act sections 66, 66C, 66D
Keep certified copies of all complaints filed
The Cyber Crime Reporting Portal logs your complaint regardless of jurisdiction. The local police station cannot refuse to register an FIR for a cognizable cyber offence.
The Brief · daily newsletter
One short legal explainer in your inbox, every weekday morning.
