In a major operation against cybercrime syndicates exploiting India’s digital infrastructure, the Central Bureau of Investigation (CBI) has filed FIRs against 39 active Point-of-Sale (PoS) operators across the country. These PoS agents are accused of supplying more than 1,100 ghost SIM cards to cybercriminals based in Southeast Asian countries, who in turn used them to orchestrate digital arrest scams, impersonate law enforcement, and defraud hundreds of Indian citizens.
The crackdown was initiated based on findings from I4C (Indian Cyber Crime Coordination Centre), the Ministry of Home Affairs’ flagship cybercrime monitoring agency. The CBI investigation stemmed from data showing that out of 1,930 PoS operators, around 64,000+ SIM cards had been issued—each linked to 10 or more user complaints, primarily involving fraud, harassment, or identity misuse.
This large dataset was narrowed down to 84 PoS outlets under suspicion, and further deep-dive investigations revealed that 39 of these were currently active and actively engaged in the manufacture and sale of ghost SIMs—SIM cards registered on false identities or without valid e-KYC.
ALSO READ: FCRF Launches Campus Ambassador Program to Empower India’s Next-Gen Cyber Defenders
How the Scam Worked: Exploiting e-KYC Loopholes
The fraudulent scheme exploited vulnerabilities in India’s electronic Know Your Customer (e-KYC) process, a system designed to ensure traceable and verified mobile connections. According to the CBI, rogue PoS operators tricked legitimate customers during the onboarding process.
These agents lied to users, claiming their e-KYC process had failed, and asked them to resubmit biometric data. In reality, the second set of data was used to activate a duplicate SIM card—this time not given to the actual customer but sold to anonymous cybercriminals abroad.
This method allowed criminal networks in countries like Cambodia, Myanmar, and Laos—many already linked to cyber slavery rings—to operate within Indian telecom networks without detection. These ghost SIMs were used to:
- Send threatening calls impersonating law enforcement or bank officials
- Run extortion rackets, claiming victims were involved in crimes
- Bypass call tracking using dummy identities
- Scale up phishing and sextortion campaigns across states
Cyber Crime Without Borders: India’s New Digital Threat
The scam’s implications go far beyond telecom misuse. Investigators believe the ghost SIM card racket is the technical backbone of international cybercrime syndicates, enabling them to carry out “digital arrests”—a fast-growing form of scam where victims are threatened with fake police or NCB action via video calls and coerced into transferring large sums under duress.
“These SIMs made it nearly impossible to trace the origin of the threat,” said a senior cybercrime investigator. “The impersonators operated from abroad but used Indian phone numbers, which gave their threats credibility.”
Sources within I4C indicated that several PoS operators may have knowingly partnered with cross-border agents, while others were motivated by incentives and commissions without realizing the broader threat.
The MoHA is now reportedly working with telecom operators, UIDAI, and the Department of Telecom (DoT) to identify vulnerabilities in the SIM issuance process and plug regulatory gaps. Further arrests and the cancellation of dealer licenses are expected as the probe widens.
India’s Telecom Fraud Dilemma: Loopholes in the System
This isn’t the first time Indian telecom systems have been used as a launchpad for global scams. Earlier cases have revealed misuse of bulk SIM issuance, synthetic identities, and benami activations. Despite stringent norms introduced in 2021–2022 to limit SIM issuance and enforce biometric verification, the ghost SIM crisis underscores a failure in ground-level execution and dealer oversight.
CBI’s latest action marks a shift toward systemic accountability, targeting not just the end-users of fraud but the facilitators embedded within India’s telecom distribution chains.