Find out how digital arrest scams are executed so you can beat them at their own game

NEW DELHI: When law-enforcement officers recently busted a digital arrest scam module, they were left aghast at the sheer scale and audacity of the operation. The scammers had a list of 20,000 pensioners from different states along with their bank details!

A similar module busted last year had led to the seizure of scripts of carefully crafted speeches, designed to deceive and intimidate targets, mostly elderly.
Digital arrest scammers, armed with sophisticated tactics and an alarming array of personal data, have evolved into a formidable force. With their kingpins often based abroad, police are mostly left haggling with foot soldiers.
Investigators have come across a complex and sophisticated network of deceit that threatens to ensnare even the most cautious individuals. "They seem very organised from step one. They employ scripted fraud speeches, carefully crafted to instil fear and panic, making targets more susceptible to the scammers' demands," a cyber cell officer explained. "The scripts are scientifically tailored to exploit the target's vulnerabilities, such as their age, health or financial situation, making these speeches even more effective at extracting money and information from unsuspecting individuals."
The scammers know exactly who they are targeting. They employ a range of tactics to obtain the sensitive data of bank customers, particularly targeting the elderly who are more vulnerable. They often use social engineering techniques, such as phishing emails or calls, to trick people into divulging their personal and financial information. Scammers also exploit security breaches or leaks from financial institutions, online marketplaces or darkweb forums to obtain customer data. In many cases, they even collude with corrupt bank insiders, such as employees or contractors, who are bribed or coerced into sharing sensitive confidential data, including account numbers, balance and other details of customers.
The gangs use "mule accounts" or "accounts-for-hire" to receive and transfer funds from their victims. These accounts are typically opened by unsuspecting individuals or accomplices who are hired or coerced into allowing the scammers to use them. Once the scammers receive money from victims, it is quickly transferred to other accounts, making it difficult for law enforcement agencies to track the trail. By using these accounts, the scammers aim to distance themselves from the financial transactions, making it harder for investigators to identify and prosecute them in court.
To acquire "mule accounts", the crooks often recruit unsuspecting people through online job postings or social media ads, with promises of easy money or legitimate work-from-home opportunities, sources said. "These people are then convinced to allow the scammers to use their bank accounts for what they believe are legitimate transactions. In some cases, the scammers may also use coercion, threats or blackmail to obtain control of an account," said a senior officer. Scammers also buy or rent bank accounts from organised crime groups or people involved in illicit activities.
Then comes the use of SIM cards bought on fake documents. They use thousands of SIM cards to make their calls appear legitimate and evade detection by using one SIM card per target, said an officer. Crooks exploit vulnerabilities in the system to obtain these SIM cards. The bigger modules acquire them in bulk using their contacts in telecom firms. Many a times, small retailers have been found to be selling bulk SIM cards to crooks at discounted rates without proper verification.
"Fake companies are also created to buy bulk SIM cards from telecom operators or authorised retailers. Additionally, identity theft is used to steal the identities of legitimate businesses or people to obtain bulk SIM cards. The grey market and online marketplaces, including dark web forums, are other platforms where bulk SIM cards are obtained from unauthorised sellers, ultimately aiding digital arrest scammers," another cyber cell cop said.
Officers also said they had been working with the bank to trace the siphoned money in real time. The suspicious transactions, once flagged by police, trigger an investigation and potential account freeze. Investigators then analyse the transaction trail to identify the flow of money from the victim's account to the scammer's account, enabling them to prevent further transactions. This ultimately leads cops to the owners of mule accounts, but they often manage to continue operating from shadows.