BACK TO IT ACT
IT Act 2000AMENDED 2008

Section 66D

Punishment for Cheating by Personation by Using Computer Resource

THE STATUTE

Original Text

Whoever, by means of any communication device or computer resource cheats by personation, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to one lakh rupees.

Simplified

Section 66D targets cyber-enabled fraud through impersonation — the modern form of cheating that exploits digital identity. The provision covers a wide spectrum of common cybercrimes: phishing emails impersonating banks or government agencies; fake social media profiles used to defraud contacts; scam calls where fraudsters pose as CBI officers, tax authorities, or tech-support agents; CEO fraud (business email compromise) where attackers impersonate senior executives to divert payments; and SIM-swap fraud where a fraudster impersonates a customer to obtain a duplicate SIM. The difference between Section 66D and Section 66C (identity theft) is subtle but important. Section 66C penalises the fraudulent use of someone's electronic signature, password, or other unique identification feature. Section 66D is broader — it criminalises any cheating through personation using a communication device, even if no specific identity feature is misappropriated. A scammer who creates a fake profile pretending to be a doctor to defraud patients of consultation fees may not steal any specific credential but commits cheating by personation under Section 66D. Unlike most cheating offences, the fine under Section 66D is mandatory ('shall also be liable to fine') rather than discretionary — the court must impose a fine in addition to any imprisonment. This is an important distinction in sentencing.

Common Queries

Yes. Creating a fake profile impersonating another person and using it to cheat or defraud others constitutes cheating by personation under Section 66D. Courts have confirmed this in multiple High Court judgments.
Yes. Section 66D uses the phrase 'shall also be liable to fine' — making the fine mandatory in addition to any imprisonment, unlike most IT Act offences where fine is discretionary.
CEO fraud (business email compromise) involves impersonating a senior executive via email to instruct employees to transfer funds. This squarely falls under Section 66D — cheating by personation using a communication device.

Legal Evolution

Section 66D was inserted by the IT (Amendment) Act 2008. The IPC provision on cheating by personation (Section 416, now BNS Section 319) was designed for physical impersonation and did not neatly accommodate digital fraud. As online scams multiplied in the mid-2000s — particularly phishing attacks on Indian banking customers — the legislature created a cyber-specific personation offence. Courts frequently charge accused persons under both Section 66D and the BNS cheating provisions together.

Key Amendments

Inserted by IT (Amendment) Act 2008 — no equivalent in original IT Act 2000.

Fine is mandatory unlike most IT Act offences where fine is discretionary.

Broader than Section 66C — covers all personation-based cheating, not just credential misuse.

Landmark Precedents

Kalandi Charan Lenka v. State of Odisha (2017)

2017 SCC OnLine Ori 1
RELEVANCE

Orissa High Court upheld framing of charges under Section 66D for creating a fake Facebook profile of the complainant and sending obscene messages — confirming social media impersonation as cheating by personation.