Law Enforcement Agencies Fail To Catch Up With AI-Equipped Cybercriminals
Initially, the "dialling agents" often have no idea that they are part of something illegal.
Yash was 17 when he and his friends, fresh out of their 12th-grade exams, joined a scam call centre in Kolkata.
During the gap between school and college, they were lured into this world of fraud. Upon joining, they were handed scripts to follow on calls, without understanding the true nature of their work.
Initially, these "dialling agents" often have no idea that they are part of something illegal.
The agents start as innocent people on calls, unaware that they are part of a larger, fraudulent operation.
These scammers mainly target people in the US and Australia. Due to the increasing complexities of scamming Americans, these centres are gradually shifting their focus to Australian victims.
"They gain access to the target's computer, introduce malware or spyware, and then charge the customer for "removal" services. "It's clear-cut cheating," said Pavan Duggal, a cybersecurity law expert and lawyer in the Supreme Court of India.
Three-Tier Scam Operation Overview
Initial Stage: College students are hired to make preliminary calls to potential victims. They earn a fixed salary of Rs 10,000–15,000 per month. At this stage, the students are usually unaware of the scam's full extent.
Closing Calls: More experienced agents handle follow-up calls, convincing victims to transfer money. These agents earn a commission of 5–10% of the scam amount, which can total up to Rs 1 lakh per month, depending on their success.
Money Transfer: Money is stolen from victims and transferred using hawala, an informal money transfer system. Agents involved in this stage take a significant cut of 20–40% of the transferred amount.
These call centres often disguise themselves as fake customer support services, such as fraudulent insurance claims or banking assistance. They continuously update scripts to avoid detection.
A Kolkata police official notes that these scams utilise third-party data, automated dial systems, and VPNs to appear legitimate.
Callers, often students, receive training in voice modulation and accent coaching. The operation involves anonymous data sellers and a hawala system for laundering money, making it difficult to track them.
Cycle Of Greed
This scam centre came to light when Jim Browning, a well-known scam-buster, traced fraudulent activities back to their source. After identifying the call centre owner, he passed the information to the Kolkata Police, leading to the arrest of 18 people, including the owner.
However, the police settled the case for Rs 25 lakh, and due to lack of hard evidence in court, allowed the scammers to be released on bail.
They not only defraud victims but also clone their credit cards for personal use. Despite occasional crackdowns, the cycle of fraud continues, fuelled by the corruption within the system and the endless greed of those involved.
Cross-Border And Legal Complications
Cybercrime is made worse by police corruption and jurisdiction issues. Supreme Court Lawyer Duggal points out that the Digital Personal Data Protection Act, 2023 could help reduce scams, but enforcement is weak.
In Kolkata, for example, Yash and his associates escaped charges after paying a Rs 25 lakh bribe. It’s difficult to prosecute call centres that target foreign victims due to jurisdiction challenges, India’s low conviction rates for cybercrime, and recent Supreme Court rulings on electronic evidence. Duggal suggests using special courts and teams in both the US and India for faster trials.
On the other hand, Advocate Prashant Mali argues that jurisdiction isn’t the main issue, citing successful deportations and convictions from the 2016 Mira Road call centre fraud. He stresses on the need for better cooperation between countries since extradition treaties exist between India and the US.
Sub-inspector SK Tajuddin from West Bengal Police highlights the role of YouTubers in exposing scams. However, he notes that old laws and slow investigations slow down prosecutions.
He calls for international teamwork and more cybercrime education in schools. The lack of information exchange between countries complicates matters.
While the US follows the Budapest Convention on Cybercrime, India does not, making informal cooperation crucial for tackling cross-border scams.
Strengthening Cybersecurity In India
The implementation of the Digital Personal Data Protection Act, 2023 is still pending, leaving significant gaps in India's data protection framework. These gaps enable scam call centres to exploit American citizens' data, often obtained from online sources or the dark web.
India has historically lacked a dedicated data protection law. "Cybersecurity risks are rising as technology continues to grow," noted RBI governor Shaktikanta Das, highlighting efforts like the central bank's public repository for digital lending apps.
To combat fraud, the US Embassy in India should form a dedicated team to monitor call centres, working with local police on joint operations akin to the Interpol's efforts.
Additionally, the forthcoming UN International Treaty on Cybercrime will bolster global initiatives against cybercrime, as emphasised by cybersecurity expert Mali.
The Role Of AI In Cybercrime
Cybercriminals are increasingly using artificial intelligence to automate their activities, creating new challenges for law enforcement agencies. "Programs like 'FraudGPT' are being used by scam call centres to devise innovative fraud methods," Duggal noted. Law enforcement agencies need to develop new strategies to prevent the misuse of AI and other emerging technologies for cybercrime.
While several private investigators help identify scam centres, they lack the authority to take legal action. They can only provide information to law enforcement agencies, which must then decide how to proceed. "While private stakeholders play a role, the ultimate responsibility lies with law enforcement agencies," said Duggal.
Protecting Yourself From Scams
Never allow unknown individuals to access your devices remotely. They may install malware or spyware once they gain access. Always consult a trusted repair professional instead.
If someone tries to scare or panic you, hang up immediately. Fear tactics are common among scammers.
Regularly back up your data and stay cautious.
Despite these precautions, cybercrime risks persist. Minimize your exposure by staying vigilant.
In the face of the growing awareness and occasional police crackdowns, the cycle of fraud persists. Yash, like many others, was drawn into this criminal world unaware. However, even after action by law enforcement agencies, the release of scammers due to corruption highlights the ongoing challenges.
According to the earlier quoted Kolkata police official, these call centres are highly organised, with layers of protection, VPN usage, and trained agents, making it tough for authorities to track them down.
SK Tajuddin, reiterates that international collaboration is essential to combat this borderless crime, and public awareness needs to be elevated to prevent more people, like Yash, from being lured into the dark side of cybercrime.