The Indian Cybercrime Coordination Centre (I4C), operating under the Ministry of Home Affairs, has unearthed a disturbing trend: Canva phishing domains are now being exploited for hosting criminal operations, including the creation of fraudulent documents. A notice has been served to Canva to stop this.
Other platforms for creating visuals and editing images are also on the radar.
Canva, a globally recognized online visual communications platform headquartered in Australia, provides users with an array of templates for presentations, documents, websites, social media graphics, and more. Despite News18’s attempt to seek comment from Canva, the company has remained silent on the matter.
The Growing Concerns and Legal Dilemmas
According to Amit Prasad, founder and CEO of SatNav Technologies, the proliferation of graphic designing tools has significantly heightened the risk of fraudulent activities. While in the past, basic MS Office editing sufficed for document forgery, the evolution of technology has enabled more sophisticated methods of deception. However, Prasad underscores the complexity of holding these companies accountable, as they merely provide design capabilities, not control over the end usage, which may have criminal implications.
Canva’s Predicament and Regulatory Action
With a staggering user base of 170 million across 190 countries, Canva’s platform has become an attractive target for exploitation. Despite boasting only 17 million paid users as of March 2024, the platform’s accessibility and versatility make it susceptible to abuse. Consequently, I4C has issued a notice to Canva, urging swift action against the misuse of its services, particularly for generating fraudulent documents and phishing materials.
The appointed senior official has invoked the Information Technology Act-2000 and IT Rules to demand the removal of malicious content within a stipulated timeframe. Failure to comply could jeopardize Canva’s intermediary exemptions under the IT Act and IT Rules, exposing the platform to legal repercussions. Sources within the ministry have revealed that criminals are leveraging Canva’s templates to lure unsuspecting individuals into cyber frauds, job scams, and financial schemes.
Despite Canva’s assertion that its platform empowers users to create aesthetically pleasing content across various mediums, the misuse of its services poses a grave threat to cybersecurity. As the authorities strive to combat this emerging cyber threat, it remains imperative for online platforms like Canva to bolster their security measures and collaborate with law enforcement agencies to safeguard users against malicious activities.
In summary, the discovery of Canva phishing domains by the Indian Cybercrime Coordination Centre underscores the pressing need for enhanced vigilance and regulatory measures in the digital landscape. Canva’s role in facilitating criminal activities highlights the intricate challenges faced by online platforms in balancing user empowerment with cybersecurity concerns.
