Losses from digital financial fraud have dominated headlines over the past half decade, impacting not only people’s trust in the digital ecosystem but also businesses operating within it. In this study, we move beyond headline numbers to examine the underlying vulnerabilities that fraud perpetrators exploit. To unpack these nuances, Aapti Institute, in partnership with DeepStrat, and with support from IIMA Ventures, undertook an exploratory study on digital financial fraud, approaching the issue beyond questions of user awareness alone.

We draw insights from primary data sourced from law enforcement and closely examine victim experiences, perpetration tactics, and gaps in detection and redressal mechanisms. Through this analysis, we identify critical vulnerabilities at both the user level (emotional and cognitive) and the product level, alongside structural weaknesses such as underreporting, limited recovery pathways, fragmented stakeholder coordination, and insufficient real-time protections against social engineering and emerging threats.

As part of the research, we develop a taxonomy of fraud that maps fraud tactics across stages of the user-perpetrator interaction, along with a comprehensive set of user and product vulnerabilities mapped to this user journey, with examples using three user personas. The report also includes two product case studies; of a fintech platform and a communication platform, to illustrate how vulnerabilities are exploited in practice, and to highlight measures through which platforms have attempted to plug, or could plug, these gaps.

Finally, through a multi-stakeholder framework that applies people, product, and policy lenses, we propose a set of recommendations to strengthen ecosystem resilience, with the aim of rebuilding trust, reducing losses, and reinforcing the integrity of India’s digital financial ecosystem.

You can read the full report below.