Imagine getting a fraud call from what looks like an Indian number, but the caller is sitting thousands of kilometres away. That’s the kind of cybercrime network Indian agencies now want to break.
To tackle the growing wave of online fraud originating from abroad, the Central Bureau of Investigation (CBI) and the Indian Cybercrime Coordination Centre (I4C) are considering major changes. These include linking bank KYC to biometric verification and connecting international mobile roaming services to passports. The aim is to stop overseas cybercriminals from misusing Indian SIM cards and bank accounts. Why this move now?
The proposals came up during a two-day national conference organised by the CBI and I4C under the Home Ministry. The meeting brought together cyber experts, police officials, banking representatives, including those from the Reserve Bank of India (RBI), along with Interpol and other security agencies. The focus was on cyber fraud networks operating in parts of Southeast Asia. Investigators say many of these groups misuse Indian SIM cards and “mule” bank accounts to cheat people back home. Union Home Minister Amit Shah described the situation as serious, saying: One person becomes a victim every 37 seconds, and on average, 100 people fall prey to such frauds every hour. He asked agencies to prepare recommendations for the government based on the conference discussions. SIM cards and mule accounts
Investigations have revealed a worrying pattern. Indian SIM cards are activated in India, then smuggled abroad. Fraudsters use these numbers to call victims in India, making the calls appear legitimate. Victims are threatened with so-called “digital arrests,” lured with fake loan offers, or tricked with fraudulent job schemes. Once the money is transferred, it moves quickly through multiple bank accounts, often called mule accounts, before being converted into cryptocurrency or routed elsewhere. This makes tracing and recovery extremely difficult. Some mule accounts are opened using fake documents. In other cases, unsuspecting individuals are used as fronts to move stolen money. The three pillars of cyber fraud
During the conference, experts identified three major pillars that support cybercrime networks: The Financial Pillar – mule accounts and money laundering channels.
The Telecom Pillar – misuse of SIM cards, eSIMs, and digital infrastructure.
The Human Pillar – trafficking and coercion of individuals forced to work in scam centres abroad. CBI Director Praveen Sood highlighted how basic tools enable these crimes: Regardless of where cybercriminals are located, crimes cannot be committed without a SIM card and a bank account.
He also noted that earlier cybercrime hubs like Jamtara, Mewat and Bharatpur have now shifted overseas to countries such as Cambodia, Thailand and Myanmar. Also read: How AI companies like OpenAI and Gemini plan to make money without losing user trust
Key changes being considered Authorities are now examining several measures: Officials say these ideas will be reviewed further before being sent to the government. At the same time, they stressed that genuine travellers should not face unnecessary inconvenience. Rising losses, stronger action
The urgency is evident. The Supreme Court recently noted that cybercrimes, including digital arrest scams, may have cost Indians over ₹54,000 crore.
The CBI, which has handled cybercrime cases since 2000, set up a dedicated Cybercrime Investigation Division in 2022 and now serves as the nodal agency for such offences involving central government institutions. With new proposals under review, India’s fight against cybercrime is entering a tougher phase, with stricter checks on bank verification and international roaming to prevent misuse of SIM cards and bank accounts.
