Top News

Tourist states in India are becoming a hunting ground for cyber criminals. There has been an alarming rise in cybercrime across popular tourist destinations, with a sharp spike in online fraud and digital scams targeting travellers, the latest data shows.

Goa, Kerala, Himachal Pradesh, Jammu and Kashmir, and the Andaman and Nicobar Islands  – all known for their scenic beauty and steady tourist footfall – have recorded dramatic increases in cybercrime incidents over the past four years.

According to sources, the data was discussed during a meeting last month where top cyber agency officials raised concerns about the growing digital dependence in travel, making these destinations lucrative hunting grounds for cyber criminals. It was also decided to increase awareness campaigns in view of the upcoming tourism season, the sources said.

In Goa, one of India’s most visited beach destinations, cybercrime cases have increased more than fivefold since 2021. Kerala, often called ‘God’s own country’, has also reported a threefold surge in digital fraud cases, while hill states like Himachal Pradesh and J&K have seen similar patterns. Even smaller union territories, such as the Andaman and Nicobar Islands, which attract thousands of tourists annually, have reported a steady doubling of cybercrime cases.

In Goa, cybercrime cases have risen from just over 550 in 2021 to close to 3,700 by August 2025 – an increase of more than 55 per cent. Kerala recorded a jump from 6,548 cases in 2021 to close to 31,260 in 2025, marking an increase of over 33 per cent.

Himachal Pradesh reported a percentage rise, climbing from 2,024 to 10,000 cases in the same period, while J&K saw an even higher growth of about per cent, with cases going from 2,515 to 12,800. Even smaller territories like the Andaman and Nicobar Islands, though reporting fewer total cases, witnessed a 108 per cent increase – nearly doubling their cybercrime figures in four years.

Authorities attributed this surge to the growing use of digital payment systems, online travel platforms, and social media-based marketing in the tourism industry. With nearly every stage of travel – from booking hotels and transport to paying local vendors – now being conducted online, cybercriminals are exploiting vulnerabilities in both technology and human trust.

“Tourists are increasingly being lured by fake hotel booking sites, social media travel deals, or fraudulent QR codes for digital payments," said a senior official who attended the meeting. “Many of these scams are run by organised networks that operate across states, making detection and prevention difficult."

In destinations like Goa and Kerala, police have also noted a rise in cases involving social media scams – where fake profiles of travel bloggers, influencers, or local businesses are used to lure tourists into fraudulent transactions.

“The line between the digital and physical world has blurred for travellers," said a cybersecurity analyst. “A holiday photo or location tag on social media can make someone a target."

In Goa, police arrested a 25-year-old from Madhya Pradesh for running a fake hotel website racket across India. He allegedly created and impersonated resort websites using legitimate hotel names and lured customers to transfer money to fraudulent bank accounts.

Also in Goa, the CBI registered an FIR over a “fake villa" scam. The accused allegedly listed a property (Ruby Villa) on platforms like Booking.com, took an advance of Rs 20,000, but the villa did not exist.

Law enforcement agencies have begun stepping up efforts, with several states setting up dedicated cyber police stations and launching awareness campaigns for both tourists and local businesses. In Himachal Pradesh and J&K, authorities have issued public advisories urging visitors to verify hotel listings and avoid making digital payments to unknown sources.