top of page


Updated: Feb 20, 2022

Written by - Apeksha Kushwaha



E-mail is the most preferred form of communication that has developed in recent years. A million e-mails traverse around the globe daily. This unprotected transversion of emails from one source to another creates a loophole for Delinquent minds. A person likely to commit a crime finds email as a tool, quick and feasible. One may not even know about the various crimes that they face over e-mailing platforms. Vital crimes that are performed over the internet are:

· Email spoofing

· Sending threatening emails

· Email bombing

· Defamatory emails

· Email frauds

· Sending malicious codes through email


A spoofed email is one that appears to originate from one source but, actually emerged from a distinct source. It is done by, using a fake name and/or e-mail address. Usually, the email is sent using the identity of the original or desired sender of the e-mail that the victim feels safe to access.

Certain web-based email services like, offer a facility wherein a sender can enter the email address of the purported sender of the email. A person can use such services to send viruses, trojans, worms, etc. to persons who would unknowingly download them.

Under section 66D of the IT Act, punishment is prescribed for ‘cheating by personation by using computer resource’. It says, that whenever a person cheats by personation, by means of a communication device or computer related resource, shall be punished with imprisonment of either a description for a term that may extend to 3 years and shall also be liable for a fine which may extend up to Rs. 100000.


Anyone with basic knowledge of computers can easily become a blackmailer in order to threaten someone via e-mail. Section 66A (a) and (b) [i] deals with crimes like cyberstalking, defamation, bullying, morphing, insulting, extortion, obscenity in electronic form, criminal intimidation, and a threat to cause injury, etc. Offences under section 66A are punishable with imprisonment for a term that may extend to three years and with a fine.

Various incidents like texting i.e., sending persistent text messages, and sexting i.e., sending sexually explicit photographs/ MMS have emerged as a major cyber offence faced by the victims. Both texting and sexting are covered under the sections of the Information Technology Act, 2000.


Sending a large number of emails to someone that ultimately crashes the receiver’s email account, irrespective of its nature is known as e-mail bombing. Terrorism has hit the internet in the form of mail bombings. The shutdown of the entire system of the victim of cyber-attack leads to the destruction of information. Thus, even email bombing would amount to mischief under section 425 of the Indian Penal Code.[ii]


Defamation means, the intentional publication of some false information or statement about someone that can demean or injure his/her reputation in society.

When someone sends e-mails containing defamatory information about someone, it would amount to cyber defamation.


Hacking of email account using various tools is referred to as email fraud. It can be done by sending spoofed emails, sending spam emails, or attaching emails with malware embedded, or hacking the email using OTP in case of two-factor authentication.

Once hacked, email can be used to send SOS emails to the contacts of the victim, sending offensive messages to clients in case of business in order to destroy the reputation, or having unauthorized access to mail to gain access to other accounts like social media, net banking, etc.


A code that leads to malware or a virus on a computer can be said to be malicious code. It can also create various issues like destroying or crippling various valuable property of the user and making the computer or the set of computers vulnerable to other malware attacks. It can disrupt every connection that the victim makes through the affected computer.


o Two-factor authentications: two-factor authentications can prove to be of great use. It is one where you need to enter a code sent to your registered number whenever accessing the account through a non-reliable or on a system that was not previously used by you.

o Spam mails: do not open spam emails or click any link provided in any such mail. Also, try to ignore emails from unknown senders.

o Links: do not click on any decorative or suspicious link sent by anyone. In case you know the sender confirms once before opening the link as in case their mail has been compromised, you will also be at risk. Also do not click on links sent through any other social media platform or a simple text message as that may contain malware.

o Long and strong passwords: email passwords should be long and strong in order to prevent, hackers. A preferred password should be of at least 8 characters and include a special character, uppercase, lowercase, and one numeral.

o Logging out of devices: logout all devices after use. Do not leave email logged in as anyone getting physical access to your device will ultimately have access to the mail id.

o Change password: do not share the email id password with anyone, also change it at regular intervals.

o Lock screen: always have a pin to protect your device so that your device is not accessed easily by anyone, and never leave your device unattended in public.


1. Contact the service provider: the email service provider should be contacted and requested to temporarily block the email account. This will prevent misuse by the hacker.

2. Inform all contacts: inform all your contacts personally as they also become vulnerable to receive spam, malware embedded mails from your email id.

3. Inform all other platforms: all other platforms where your email id works as a communication address shall be informed at once so that further accounts like social media accounts, net banking account, etc. are safe from further disturbance.


If any further emails have been sent by your email id by the hacker, or a malware embedded email or any threatening email, just take a screenshot of the same and take a printout of the same.

1. Collect documentary evidence (e.g., bank transaction statements, screenshots, etc.)

2. Lodge a complaint at the nearest police station, provide details about the entire incident. Also, submit the documents that work as proof of the same. [iii]

[i] Information Technology Act, 2000 [ii]Gauri Manglik and Vandana Pai, “internet crimes: effectiveness of the laws in force”, SCJ 2000 Vol. 1 p 45-46 [iii]CYBER CRIME UNIT DELHI POLICE, available at:

205 views0 comments

Recent Posts

See All


bottom of page