#FactCheck - "Viral Video Misleadingly Claims Surrender to Indian Army, Actually Shows Bangladesh Army”

Executive Summary:

‍

Our team has come across a recent social media post highlighting a report on fraudulent activities involving deceptive websites and emails impersonating India’s Oil Marketing Companies (OMCs). These phishing scams falsely promise LPG distributorships and retail outlet dealerships, aiming to extract money and personal information from unsuspecting individuals. We strongly urge the public to exercise caution and verify all information exclusively through official OMC channels to avoid falling victim to such fraudulent schemes.

‍

‍

‍

Claim:

‍

It has been reported that fraudsters are impersonating Indian Oil, Bharat Petroleum, and Hindustan Petroleum through fake websites and emails, promising LPG distributorships and seeking money from victims.

‍

‍

‍

‍

Fact Check:

‍

‍

After our research, we came upon more information about this topic and found out that the Press Information Bureau (PIB) has released an official notice confirming that fraudulent websites and emails are impersonating India's Oil Marketing Companies (OMCs), which include Indian Oil Corporation Ltd., Bharat Petroleum Corporation Ltd., and Hindustan Petroleum Corporation Ltd. The scams falsely promise LPG distributorships and retail outlet dealerships while demanding large sums of money from unsuspecting individuals. On June 19, 2019, this was confirmed. The PIB highlighted that OMCs have not allowed any person or organization to charge a fee for dealership selection. All authentic information on these offers is available at the websites of the OMCs: www.iocl.com, www.bharatpetroleum.com, and www.hindustanpetroleum.com. The general public is cautioned to rely only on these sources and report suspicious approaches to the offices of concerned OMCs. If someone finds such an approach, he should immediately contact the cybercrime branch. HPCL has issued alerts on fake websites and emails that promise LPG distributorships and jobs, mimicking official HPCL sites to deceive people.

‍

‍

‍

On the official website of HPCL list down the malicious URLs. They are mentioned below:

• https://kskdealerchayan.com/
• bajajgas.com/index
• hindustanbiofuel.in
• petrolpumpchayanonline.com
• dealerchayanpetrolpump.in
• petrolpumpdealarchayan.com
• petrolpumpsdealerchayan.co.in
• petrolpumpdealershipchayan.org.in
• petrolpumpdealerchayangov.in
• petrolpumpdealership.info
• petrolpumpsdealershipchayan.in
• allindiagasdealership.com
• hindustanpetroleum.online
• hindustanpetroleumcorp.com
• hpcldelership.com
• ujjwalalpgvitarak.org
• ujjwaladealership.com
• lpgvitrakkendra.com
• kissansevakendra.org
• lpgvitarakchayanltd.org
• petrolpumpdelerchayan.in
• petrolpumpdealerschayan.in
• petrolepumpsdelearchayan.in
• kissansevakendra.org
• petrolpumpdealerchayanpro.com
• petrolpumchayanweb.com
• onlinepetrolpumpdealerchayan.com/

‍

HPCL also shared an advisory for their applicants regarding Beware Of Fraudsters.

‍

‍

Conclusion:

‍

It has been proven that fraud offers for LPG distributorships and retail outlet dealerships are being made through fake websites and emails. To avoid such scams, people are advised to be more vigilant, verify all information through official OMC platforms, and immediately report any suspicious activities to the concerned authorities. Being alert and informed is the key to preventing financial loss and protecting personal data from exploitation.

• Claim: Is this HPCL approval letter for an LPG agency dealership legit?
• Claimed On: Social Media 
• Fact Check: False and Misleading

Introduction

‍

Misinformation is no longer a challenge limited to major global platforms or widely spoken languages. In India and many other countries, false information is increasingly disseminated through local and vernacular languages, allowing it to reach communities more directly and intimately. While regional language content has played a crucial role in expanding access to information, it has also emerged as a powerful driver of misinformation by bad actors, and it often becomes harder to detect and counter. The challenge of local language misinformation is not merely digital in nature; it is deeply social, cultural, and shaped by specific local contexts.

‍

Why Local-Language Misinformation Is More Impactful

‍

A person’s mother tongue can be a highly effective medium for misinformation because it carries emotional resonance and a sense of authenticity. Information that aligns with an individual’s linguistic and cultural background is often trusted the most. When false narratives are framed using familiar expressions, local references, or community-specific concerns, they are more readily accepted and shared more widely.

Misinformation in a language like English, which is more heavily moderated, does not usually have the same impact as content in vernacular languages. In the latter case, such content tends to circulate within closed networks such as family WhatsApp groups, regional Facebook pages, local YouTube channels, and community forums. These spaces are often perceived as safe or trusted, which lowers scepticism and encourages the spread of unverified information.

‍

The Role of Digital Platforms and Algorithms

‍

Although social media platforms have opened up access to the content of regional languages, the moderation mechanisms have not kept up. The automated control systems for content are frequently trained mainly on the dominant languages, thus missing the detection of vernacular speech, slang, dialects, and code-mixing. 

This results in a disparity in the enforcement of laws where misinformation in local languages:

• Doesn’t go through automated fact-checking tools
• Is subject to human moderation takes place at a slower pace
• Is less prone to being reported or flagged
• Gains unrestrained access for a longer time period than first imagined

The problem is further magnified by algorithmic amplification. Content that triggers very strong emotional reactions fear, anger, pride, or outrage, has a higher chance of being promoted, irrespective of its truthfulness. In regional situations, such content may very quickly sway public opinion even in very closely knit communities.

‍

Forms of Vernacular Misinformation

‍

Local-language misinformation appears in various forms:

‍

• Health misinformation, with such examples as panic remedies, vaccine myths, and misleading medical prescriptions
• Political misinformation, which is mostly identified with regional identity, local grievances, or community narratives
• Rumours regarding disasters that are very hard to control and spread hatred during floods, earthquakes, or other public emergencies
• Economic and financial frauds that are perpetrated via the local dialect authorities or trusted institutions
• Cultural and religious untruths, which are based on exploiting the core of the beliefs

‍

The regional aspect of such misinformation makes it very difficult to be corrected because the fact-checks in other languages may not get to that audience.

‍

Community-Level Consequences

‍

The effect of misinformation in local languages is not only about the misdirection of individuals. It can also:

‍

• Negatively affect the process of public institutions gaining trust
• Support social polarisation and communal strife
• Get in the way of public health measures
• Help shape the decision-making process in elections at the grassroots level
• Take advantage of the digitally illiterate poor people

In a lot of scenarios, the damage done is not instant but rather accumulative, thus changing perceptions and supporting false worldviews more.

‍

Why Countering Vernacular Misinformation Is Difficult

‍

Multiple structural layers make it difficult to respond effectively:

‍

1. Variety of Languages: Just in India, there are many languages and dialects, which are very hard to monitor universally.
2. Culturally Aware Systems: The local languages sometimes bear meanings that are deeply rooted in the culture, such as by using sarcasm or referring to history, and automated systems are unable to interpret it correctly.
3. Reporting Not Common: Users might not spot misinformation or may not want to be a part of the struggle by showing the content shared by reliable members of the community.
4. Insufficient Fact-Checking Capacity: Resources are often unavailable for fact-checking organisations to perform their duties worldwide in different languages effectively.

‍

Building a Community-Centric Response

‍

Overcoming misinformation in local languages needs a community-driven resilience approach instead of a platform-centric one. Some of the key actions are: 

‍

• Boosting Digital Literacy: Users will be able to question, verify, and put the content on hold before sharing it, thanks to the regional language awareness campaigns that will be conducted.
• Facilitating Local Fact-Checkers: Local journalists, educators, and NGOs are the main players in providing the context for verification.
• Accountability of Platforms: It is necessary for technology companies to support global moderation in several languages, the hiring of local experts, and the implementation of transparent enforcement mechanisms.
• Contemplating Policy and Governance: Regulatory frameworks should facilitate proactive risk assessment while controlling the right to free expression.
• Establishment of Trusted Local Intermediaries: Community leaders, health workers, teachers, and local organisations can engage in preventing misinformation among the networks that they are trusted in.

‍

The Way Forward

‍

Misinformation in local languages is not a minor concern; it is an issue that directly affects the future of digital trust. As the number of users accessing the internet through local language interfaces continues to grow, the volume and influence of regional content will also increase. If measures do not include all language groups, misinformation will remain least corrected and most influential at the community level, where it is also the hardest to identify and address.

Such a problem exists only if the power of language is not recognised. Therefore, one can say that it is necessary to protect the quality of information in local languages, not only for digital safety but for other factors as well, such as social cohesion, democratic participation, and public well-being.

‍

Conclusion

‍

Vernacular content has the potential to be very powerful in the ways it can inform, include and empower; meanwhile, if it goes unmonitored, it has the same potential to mislead, divide, and harm. Mis-disinformation in local languages calls for the cooperation of platforms, regulators, NGOs, and the communities involved. To win over the digital ecosystem, it has to speak all languages, not only for communication but also for protection.

‍

References

‍

• https://www.mdpi.com/2304-6775/10/2/15
• https://afpr.in/regional-languages-shaping-indias-online-discourse/
• https://medium.com/@pratikgsalvi03/how-indias-misinformation-surge-and-media-credibility-crisis-are-undermining-democracy-public-dc8ad7be8e12
• https://projectshakti.in/
• https://journals.sagepub.com/doi/10.1177/02683962211037693
• https://rsisinternational.org/journals/ijriss/Digital-Library/volume-8-issue-11/505-518.pdf
• https://www.irjmets.com/upload_newfiles/irjmets71200016652/paper_file/irjmets71200016652.pdf

‍

Introduction

The Data Security Council of India’s India Cyber Threat Report 2025 calculates that a staggering 702 potential attacks happened per minute on average in the country in 2024.  Recent alleged data breaches on organisations such as Star Health, WazirX, Indian Council of Medical Research (ICMR), BSNL, etc. highlight the vulnerabilities of government organisations, critical industries, businesses, and individuals in managing their digital assets. India is the second most targeted country for cyber attacks globally, which warrants the development and adoption of cybersecurity governance frameworks essential for the structured management of cyber environments. The following global models offer valuable insights and lessons that can help strengthen cybersecurity governance.

Overview of Global Cybersecurity Governance Models 

Cybersecurity governance frameworks provide a structured strategy to mitigate and address cyber threats. Different regions have developed their own governance models for cybersecurity, but they all emphasize risk management, compliance, and cross-sector collaboration for the protection of digital assets. Four such major models are: 

1. NIST CSF 2.0 (U.S.A): The National Institute of Standards and Technology Cyber Security Framework provides a flexible, voluntary, risk-based approach rather than a one-size-fits-all solution to manage cybersecurity risks. It endorses six core functions, which are:  Govern, Identify, Protect, Detect, Respond, and Recover. This is a widely adopted framework used by both public and private sector organizations even outside the U.S.A. 
2. ISO/IEC 27001: This is a globally recognized standard developed jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It provides a risk-based approach to help organizations of all sizes and types to identify, assess, and mitigate potential cybersecurity threats to Information Security Management Systems (ISMS) and preserve the confidentiality, integrity, and availability of information.  Organizations can seek ISO 27001 certification to demonstrate compliance with laws and regulations.
3. EU NIS2 Directive: The Network and Information Security Directive 2 (NIS2) is an updated EU cybersecurity law that imposes strict obligations on critical services providers in four overarching areas: risk management, corporate accountability, reporting obligations, and business continuity. It is the most comprehensive cybersecurity directive in the EU to date, and non-compliance may attract non-monetary remedies, administrative fines up to at least €10 million or 2% of the global annual revenue (whichever is higher), or even criminal sanctions for top managers. 
4. GDPR: The General Data Protection Regulation (GDPR)of the EU is a comprehensive data privacy law that also has major cybersecurity implications. It mandates that organizations must integrate cybersecurity into their data protection policies and report breaches within 72 hours, and it prescribes a fine of up to €20 million or 4% of global turnover for non-compliance. 

India’s Cybersecurity Governance Landscape 

In light of the growing nature of cyber threats, it is notable that the Indian government has taken comprehensive measures along with efforts by relevant agencies such as the Ministry of Electronics and Information Technology, Reserve Bank of India (RBI), National Payments Corporation (NPCI) and Indian Cyber Crime Coordination Centre (I4C), CERT-In. However, there is still a lack of an overarching cybersecurity governance framework or comprehensive law in this area. Multiple regulatory bodies in India oversee cybersecurity for various sectors. Key mechanisms are: 

1. CERT-In Guidelines: The Indian Computer Emergency Response Team, under the Ministry of Electronics and Information Technology (MeitY), is the nodal agency responsible for cybersecurity incident response, threat intelligence sharing, and capacity building. Organizations are mandated to maintain logs for 180 days and report cyber incidents to CERT-In within six hours of noticing them according to directions under the Information Technology Act, 2000 (IT Act).
2. IT Act & DPDP Act: These Acts, along with their associated rules, lay down the legal framework for the protection of ICT systems in India.  While some sections mandate that “reasonable” cybersecurity standards be followed, specifics are left to the discretion of the organisations. Enforcement frameworks are vague, which leaves sectoral regulators to fill the gaps. 
3. Sectoral regulations: The Reserve Bank of India (RBI), the Insurance Regulatory and Development Authority of India (IRDAI), the Department of Telecommunications, the Securities Exchange Board of India (SEBI), National Critical Information Infrastructure Protection Centre (NCIIPC) and other regulatory bodies require that cybersecurity standards be maintained by their regulated entities. 

Lessons for India & Way Forward 

As the world faces unprecedented security and privacy threats to its digital ecosystem, the need for more comprehensive cybersecurity policies, awareness, and capacity building has perhaps never been greater. While cybersecurity practices may vary with the size, nature, and complexity of an organization (hence “reasonableness” informing measures taken), there is a need for a centralized governance framework in India similar to NIST2 to unify sectoral requirements for simplified compliance and improve enforcement. India ranks 10th on the World Cybercrime Index and was found to be "specialising" in scams and mid-tech crimes- those which affect mid-range businesses and individuals the most. To protect them, India needs to strengthen its enforcement mechanisms across more than just the critical sectors. This can be explored by penalizing bigger organizations handling user data susceptible to breaches more stringently, creating an enabling environment for strong cybersecurity practices through incentives for MSMEs, and investing in cybersecurity workforce training and capacity building. Finally,  there is a scope for increased public-private collaboration for real-time cyber intelligence sharing.  Thus, a unified, risk-based national cybersecurity governance framework encompassing the current multi-pronged cybersecurity landscape would give direction to siloed efforts. It would help standardize best practices, streamline compliance, and strengthen overall cybersecurity resilience across all sectors in India.
‍

References

• https://cdn.prod.website-files.com/635e632477408d12d1811a64/676e56ee4cc30a320aecf231_Cloudsek%20Annual%20Threat%20Landscape%20Report%202024%20(1).pdf 
• https://strobes.co/blog/top-data-breaches-in-2024-month-wise/#:~:text=In%20a%20large%2Dscale%20data,emails%2C%20and%20even%20identity%20theft. 
• https://www.google.com/search?q=nist+2.0&oq=nist+&gs_lcrp=EgZjaHJvbWUqBggBEEUYOzIHCAAQABiPAjIGCAEQRRg7MgYIAhBFGDsyCggDEAAYsQMYgAQyBwgEEAAYgAQyBwgFEAAYgAQyBwgGEAAYgAQyBggHEEUYPNIBCDE2MTJqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-8 
• https://www.iso.org/standard/27001
• https://nis2directive.eu/nis2-requirements/ 
• https://economictimes.indiatimes.com/tech/technology/india-ranks-number-10-in-cybercrime-study-finds/articleshow/109223208.cms?from=mdr 

‍