Ara (Bihar): Narayanpur, a small settlement in Bihar’s Bhojpur district with a population of just over 2,000, has unexpectedly emerged at the centre of a major international cyber fraud investigation. In a span of just three days, more than 20,000 suspicious calls were traced to the area, triggering alarm within intelligence and enforcement agencies and eventually leading investigators to a SIM-box setup allegedly operating from a modest house in nearby Bhaluni village.
The discovery has raised troubling questions about how sophisticated cybercrime infrastructure linked to foreign fraud syndicates managed to function undetected in a rural pocket with no major telecom or industrial footprint.
Certified Cyber Crime Investigator Course Launched by Centre for Police Technology
According to investigators, abnormal call traffic originating from Narayanpur was flagged in early July 2025 by the Digital Intelligence Unit. Between July 5 and July 7 alone, nearly 20,000 calls were routed from the area to different parts of India. Initial analysis suggested that the calls were being masked to appear as domestic mobile calls, even though they were originating from international Voice over Internet Protocol (VoIP) networks.
Further technical tracking led agencies to Bhaluni village, around 35–40 km from Ara town, where a SIM-box was allegedly being operated from a mud house with a blue-painted door. Officials say the operation had links to cybercrime handlers based in Cambodia and Thailand, countries that have emerged as major hubs for online fraud targeting Indian citizens.
SIM-box setup and seizures
During searches, authorities recovered four SIM-box devices, 186 SIM cards and other electronic equipment from the premises. The SIM cards were allegedly activated using forged credentials and sourced from multiple Indian states to avoid detection. Officials estimate that the illegal routing of international calls as local calls caused a revenue loss of around ₹50 crore to the telecom exchequer.
The case was initially handled by Bihar Police’s Economic Offences Unit in coordination with the Department of Telecommunications. Given the cross-border dimensions and scale of the operation, the Central Bureau of Investigation (CBI) formally took over the probe on January 9.
Investigators are now examining financial trails, call logs and foreign linkages to identify the main beneficiaries and handlers of the network.
How SIM-box fraud works
A SIM-box is a device capable of holding hundreds of SIM cards simultaneously. It converts international internet-based calls into local mobile calls, allowing fraudsters to hide the true origin of the call. As a result, victims see Indian mobile numbers on their screens and are less likely to suspect fraud.
Such setups are widely used for bank fraud, OTP theft, impersonation scams and so-called “digital arrest” frauds, where callers pose as law enforcement officials to extort money.
Role of the local operator
Police have identified Mukesh Kumar, a resident of Bhaluni village, as the local operator of the SIM-box. According to investigators, the device had been running for nearly two years. However, the family claims Kumar had limited technical knowledge and was unaware of the full scope of the operation, a claim authorities are still verifying.
Officials say similar SIM-box networks have been detected in other parts of Bihar, including Supaul, with links pointing consistently towards Southeast Asia.
National security concerns
The case has sparked wider concern among security agencies, as SIM-box fraud not only enables financial crimes but also undermines telecom security and surveillance systems. Masked calls can be misused for coordinated scams, misinformation campaigns and other activities with potential national security implications.
A growing challenge
Experts say the Bhojpur case highlights how cybercrime networks exploit regulatory gaps, rural anonymity and local intermediaries to run high-value international operations at minimal cost. Despite repeated crackdowns, SIM-box fraud continues to resurface in new locations.
As the CBI investigation progresses, agencies are expected to focus on dismantling the larger transnational syndicate rather than just local operators.
For Narayanpur and Bhaluni, the revelations have transformed obscure villages into symbols of a far larger digital threat—one that begins with a phone call and ends with millions lost across borders.
About the author — Suvedita Nath is a science student with a growing interest in cybercrime and digital safety. She writes on online activity, cyber threats, and technology-driven risks. Her work focuses on clarity, accuracy, and public awareness.
