Check Point Software Technologies today issued a critical safety advisory as India continues to witness a surge in ‘digital arrest’ scams—a sophisticated form of cyber fraud targeting unsuspecting individuals. These scams, marked by their psychological manipulation and detailed impersonations, are rapidly emerging as a significant threat in the country’s digital ecosystem.
A Growing Concern: Real-Life Impact
Fraudsters impersonating officials from agencies like the CBI, Income Tax Department, or Customs are exploiting victims through phone and video calls, presenting fabricated evidence of alleged crimes such as tax evasion or financial misconduct. Victims are coerced into transferring large sums of money under the pretence of avoiding arrest or other regulatory misdemeanours.
Recent incidents paint a grim picture:
- A prominent content creator endured a 40-hour ordeal, manipulated with false accusations and personal data.
- A Bengaluru-based tech professional lost ₹11.8 crore in December 2024 to such a scam.
These chilling cases underscore the escalating sophistication of such frauds and the urgent need for public vigilance. According to government data, Indians lost ₹120.30 crore to digital arrest scams in the first quarter of 2024 alone, making it one of the top four online frauds alongside trading, investment, and romance scams.
Alarming Trends
Between March 2023 and 2024, digital financial frauds in India surged fivefold, with losses exceeding Rs 14.57 billion (approximately $175 million). India now ranks 10th on the World Cybercrime Index, solidifying its position as a global hotspot for online scams.
The rapid growth of digital payments, driven by government initiatives and the pandemic, has further widened the pool of potential victims. Unified Payments Interface (UPI) transactions skyrocketed from Rs 92 crore in FY 2017-18 to over Rs 13,116 crore in FY 2023-24.
Despite the challenges, there have been instances of recovery. In one case, a victim who lost Rs 6 crore to a digital arrest scam managed to recover Rs 60 lakh by filing a police complaint and persistently following up with banks. This highlights the critical role of swift action and collaboration between banks, law enforcement, and victims in addressing such crimes.
“As India’s digital footprint expands, so does the ingenuity of cybercriminals. Digital arrest scams are not just a threat to individuals—they are a wake-up call for society to strengthen our defenses, educate our communities, and act decisively. Cyber security isn’t just a necessity; it’s the backbone of our digital future.” Said Sundar Balasubramanian, Managing Director for India and South Asia at Check Point Software Technologies.
To combat digital arrest scams and safeguard against similar crimes, consider these preventive measures:
- Do Not Transfer Money: Legitimate law enforcement agencies do not demand payments to stop investigations.
- Verify Suspicious Calls: Always cross-check the identity of callers claiming to be officials by contacting the relevant agency directly.
- Be Cautious of Unsolicited Messages: Be wary of unexpected calls or messages claiming urgent legal action.
- Stay Informed: Educate yourself on common scam tactics and share this knowledge with friends and family. It’s important to note that “digital arrest” is not a legal concept under Indian law, and no law enforcement agency would ever request personal information from citizens via phone or video calls.
- Report Fraud: Use the cybercrime portal (cybercrime.gov.in) or helpline (1930) to report suspected fraud.
- Leverage the Chakshu Facility: Flag suspicious numbers on the Sanchar Saathi portal for investigation.
- Beware of Fake Password Reset Emails: Always visit websites directly (don’t click embedded links) to reset passwords.
- Check Email Language: Phishing emails often use urgency, authority, or threats to manipulate recipients. Look out for grammatical errors, unusual phrasing, or unsolicited requests.
- Watch Out for Common Phishing Techniques:
- Fake orders/delivery emails impersonating trusted brands.
- Business Email Compromise (BEC) scams where attackers impersonate executives to demand money transfers.
- Fake invoices designed to deliver malware or request payment.
- Never Share Credentials: Avoid providing passwords or personal information to unverified parties, whether through phishing sites or support scams.
