By Aaron Beardslee, Manager of Threat Research at Securonix
Any phone call with a person introducing himself as a government official gets quick attention. The caller then says that a package connected to your identity and Aadhaar card number has been linked to a criminal activity. This is followed by a video call with the scammer in a uniform that looks legitimate in front of a staged police station backdrop. Forged letterheads and documents bearing Ministry of Home Affairs and Reserve Bank of India seals, accusing you of criminal activity, are shared via WhatsApp. You are told not to speak to anyone, remain on camera, or get arrested. In panic, you part with your hard-earned money, afraid of losing face and being behind bars. Such stories come out of India regularly.
Digital arrest scams have emerged as one of India’s fastest-growing cybercrimes. Scammers impersonate police, CBI, ED, or judicial officials, falsely accuse victims of crimes, and isolate them over video calls to extort money. Business owners, professionals, retirees, government employees, and executives across the country have fallen victims but the scam mechanics remain consistent.
According to the Indian Cyber Crime Coordination Centre, more than 92,000 digital arrest scam cases were reported in India in the first ten months of 2024 alone, with victims losing an estimated 2,140 crore rupees. The cases nearly tripled between 2022 and 2024.
Before Money Moves, The Attack Begins
In these scams, the critical stage of the attack is complete before any money or sensitive information is shared. Humans weigh all perceived consequences and rarely make decisions in isolation. However, fear of criminal investigation overrides judgment, leading people to comply without verification. These scams are effective as it gives the victim just enough information to stay engaged, leaving no room to examine the situation objectively.
Authority Is One of The Strongest Attack Surfaces
Digital arrest scams work because authority still influences decision-making in powerful ways. Most people instinctively cooperate with perceived authorities and seek to resolve issues quickly, especially without prior experience of criminal investigations. A 2025 survey found that 79 percent of respondents in India trusted their government to do the right thing, compared to 47 percent in Australia and 41 percent in the United States. That trust, when exploited, becomes one of the most effective attack surfaces available. The attackers understand this and invest heavily in presentation.
An Industrial Operation, Not a Cottage Industry
The Ministry of Home Affairs has confirmed that a significant portion of digital arrest calls trace back to scam farms operating across Thailand, Cambodia, and Myanmar. These scams are run by organized networks with dedicated data teams. Many Indian nationals involved are themselves trafficking victims, coerced into executing fraud under threats of violence. More than 500 individuals were repatriated to India from Southeast Asian scam operations in 2025 alone. These networks have proven extremely difficult to shut down, with operations relocating when pressure increases rather than disbanding.
The financial infrastructure is equally organized. Payments are routed through UPI transfers, cryptocurrency wallets, and gift cards, with layering designed to place funds beyond rapid recovery. Indian authorities have improved their interception rate over time, growing from blocking roughly 6 percent of defrauded funds in 2021 to approximately 19 percent by early 2026, but the scale of losses means billions of rupees still reach criminal networks each year.
Better Tools Are Making Old Techniques Stronger
Digital arrest scams existed long before AI entered the picture. Criminals have always impersonated authority figures and have always used urgency to create pressure. Today, messages are cleaner, and supporting documents are more convincing. It only needs to appear legitimate long enough to keep the victim engaged.
Deepfake technology is now being used to generate realistic videos of law enforcement officers and, in documented cases, judicial figures. The UN reported a 600 percent spike in criminal deepfake usage in early 2024. In the Vardhman Group case, scammers conducted a live fake Supreme Court proceeding via Skype, complete with a deepfake video of the Chief Justice of India presiding over the hearing and a forged court order transmitted via WhatsApp afterward.
What Security Teams Should Pay Attention To
Digital arrest scams are often categorized as a consumer fraud issue. The same principles appear repeatedly in enterprise attacks. Decision makers under pressure look for resolution before they look for verification.
A fake executive request, a fraudulent vendor payment, a compromised business email account, and a digital arrest scam all rely on remarkably similar human responses. Awareness programs still focus heavily on identifying suspicious content, but content is only part of a larger story. Understanding how attackers exploit manipulation, authority, and urgency is now a cybersecurity imperative.
A Measurable Decline, and What It Tells Us
Data from the Ministry of Home Affairs released in early 2026 showed digital arrest cases declined by approximately 86 percent in 2025, with financial losses falling by more than 66 percent. Prime Minister Modi addressed the phenomenon directly in his Mann Ki Baat radio broadcast in October 2024, advising citizens to stop, think, and act before complying with any threatening call claiming government authority.
The decline shows the impact of large-scale awareness, but also how cybercriminals adapt. As resistance grows, they change their narratives and targets, not their underlying model. While digital arrest scams may have peaked in 2024, the lessons they offer about exploiting human vulnerability under pressure remain as relevant as ever.
The Future of Cybercrime Looks Increasingly Human
Cybercrime is often viewed through the lens of advancing technology, but India’s digital arrest scams reveal a deeper truth: the most effective attacks exploit people, not systems. By manipulating fear, authority, and uncertainty, attackers create a convincing reality that drives victims to comply.
Technology will evolve, but the core mechanics will endure because they exploit consistent human behavior. Trust has always been one of the most valuable attack surfaces available. Security teams should spend at least as much time understanding it as the attackers do.