© IE Online Media Services Pvt Ltd
Tags:
Journalism of Courage
The internet and cyberspace is rife with digital swindles. From online dating scams to pig butchering scams to cryptocurrency scams, there are many at play lately. These scams involve an element of “social engineering,” a phrase for tactics used to dupe a victim into making poor decisions such as trusting someone they should not, and sending them money.
So far in 2024, Indians have reported being cheated of Rs 19,888.42 crore after falling for various types of cyber frauds, up from Rs 921.59 crore in 2023. Authorities have fielded around 14.41 lakh calls this year to the national cybercrime helpline number (1930), according to the Indian Cybercrime Coordination Centre (I4C), a government body under the aegis of the Union Ministry of Home Affairs.
However, there’s one type of scam that is currently everywhere in India: Digital arrest scams. Over the past eleven months, an estimated 92,323 cases of digital arrest scams have been recorded with victims in India losing a total of Rs 2,140.99 crore, as per I4C. It is important to note that these numbers are likely under-counted as scam victims often do not report incidents due to lack of awareness and out of fear of embarrassment.
Let’s take a closer look at how digital arrest scams work, who is behind them, why it is easy to fall for them, and what you can do to protect yourself and your loved ones from being swindled in this way.
The surge in cyber frauds can be traced back to the COVID-19 pandemic which pushed a significant portion of the world online. However, digital arrest scams took off in India early 2023 as a variant of courier scams where a scammer posing as an executive of a courier service such as FedEx would tell the target that a package under their name is stuck at the airport because it contains something illegal.
They would connect them to a fake customs or cyber cell official. The target would then be asked to transfer money to a so-called RBI-stipulated, surveillance bank account in order to avoid arrest, with the smart twist that the amount would be returned to them once the target’s identity has been verified.
Digital arrest scammers follow a similar script. They make phone or video calls to targets while posing as officials from law enforcement agencies or regulatory bodies such as the Reserve Bank of India (RBI) and Telecom Regulatory Authority of India (TRAI). At times, scammers have also impersonated judges and staged court hearings as part of the process.
The fraudsters proceed to extort money from the target by creating an atmosphere of fear with threats of surveillance, arrest, and being sent to jail.
“They exploit your inner, darker side where you think that you have done something wrong like sending a letter stating that you have seen pornography,” said Dr Rakshit Tandon, a cybersecurity expert who works as a consultant with law enforcement agencies in India.
Fraudsters are able to pull off digital arrest scams by doing their research on prospective victims. In some cases, they might also be able to get a hold of the victim’s personal information such as their online shopping orders which could originate from breached datasets sold on the dark web.
Telling the victim of their previous online purchases, for instance, makes the scammers seem more convincing. It leads the victim to think that only a law enforcement or government agency is capable of knowing all these details, Tandon said.
Victims have recalled fraudsters telling them to download Skype in order to set up a video call. On the call, the scammers appear in official-looking police uniforms. Letters and IDs bearing official logos are a few other props used by scammers to make themselves appear legitimate.
They often impersonate high-ranking officials to make the situation seem more serious. Another way they bait victims is by telling them that they have been implicated in high-profile cases that have been in the news such as the money laundering probe against Jet Airways founder Naresh Goyal.
Of late, digital arrest scams have gone high-tech with the use of generative AI tools to clone the voices of a victim’s family member and make it seem like they are in distress.
Tandon further opines that the over-explosion of online information and excessive use of digital technology has affected our cognitive thinking, leading to people getting easily scared or intimidated.
“Initially when it started, we saw that most of these calls were coming from Southeast Asian countries like Cambodia, Laos, and Vietnam,” Tandon said. The I4C has identified that scammers in these countries run their operations out of casinos which were shuttered during the pandemic and are located within “scam compounds”.
Indian youth are lured to these countries with job offers in IT and administrative work, according to a United Nations report released in October. While some of them willingly visit scam compounds to undergo training in how to perpetrate scams, others are allegedly held against their will.
Earlier this year, The Indian Express had reported that over 5,000 Indians were trapped in Cambodia and forced to carry out cyber frauds on people back home. However, around 1,300 Indians have reportedly been rescued from such scam compounds between May and June this year.
The proceeds from digital arrest scams and other types of cyber crimes are laundered using mule bank accounts. These accounts are used to park the defrauded money or transfer to other mule bank accounts in an attempt to make detection difficult.
Last month, indianexpress.com learnt that the Centre had detected and frozen over 4.5 lakh mule bank accounts spread out across branches of public and private-sector banks such as State Bank of India, Punjab National Bank (including Oriental Bank of Commerce and United Bank of India), Canara Bank, Kotak Mahindra Bank, and Airtel Payments Bank.
The defrauded money is also transferred out of the country in the form of cryptocurrencies or by making deposits to “fake investment scam sites, offshore betting and gambling websites, fake stock trading platforms,” the I4C said in an October alert against illegal payment gateways facilitated by mule bank accounts.
Tandon pointed out that the success rate of digital arrest scams has led to copycat scams from within India as well.
A key component of helping people avoid becoming victims to digital arrest scams is awareness. During an episode of his radio programme Mann Ki Baat on October 27, PM Modi drew attention to “digital arrests”, warning people against the scam.
“Beware of digital arrest frauds. There is no system like digital arrest under the law. No government agency will ever contact you via phone or video call for such an investigation,” he said.
Microsoft-owned Skype, which has emerged as a channel to perpetrate digital arrest scams, has introduced real-time alerts that are triggered and shown to users when they type certain keywords. The I4C has also asked the video-calling platform to take down around 1,700 Skype IDs.
Tandon urged victims or targets of digital arrest scams to report the cyber fraud within the first 24 hours (known as the golden hour) through government channels such as the Chakshu portal and the national cybercrime helpline number. These channels are linked to law enforcement apparatuses that send the alert down the chain to banks, payment wallets, and other intermediaries so that the transaction can be blocked.
I4C data shows that Rs 1,361 crore out of Rs 11,269 crore of defrauded money was blocked by banks in the first six months of 2024. However, only Rs 11.97 crore has been returned to the victims so far.
