A Central Bureau of Investigation (CBI) probe has been opened into a Delhi-based firm accused of procuring thousands of mobile connections in bulk and diverting them for organised cybercrime, including SIM-box operations and “digital arrests,” in alleged violation of Department of Telecommunications (DoT) guidelines.
FIR names directors; telecom officials under lens
The CBI has registered an FIR naming the company’s directors along with yet-to-be-identified officials and distributors of a major telecom operator. Investigators allege the firm obtained more than 20,000 SIM cards and sold or routed them in breach of DoT rules governing enterprise connections and machine-to-machine (M2M) use.
According to the preliminary inquiry, the firm procured 20,986 mobile connections from 2020 to 2025. Of these, 7,721 SIMs were allegedly taken in 2024–25 and used to place fraudulent calls by impersonating officials of TRAI, law-enforcement agencies and service providers to intimidate and deceive citizens through so-called “digital arrests.”
What the data patterns show
Call data record (CDR) analysis indicated that certain numbers were operated across 203 to 387 IMEIs and generated large volumes of one-second automated calls—patterns consistent with SIM-box activity, IMEI tampering and M2M communication prohibited under DoT norms. Usage clustered around the firm’s registered address in Delhi and an office building in Noida, the inquiry found.
The agency has flagged suspected KYC violations, stating the firm circulated false end-user lists and reused identity documents to obtain multiple SIMs. Examples cited include 90 SIMs issued for just 10 people, and 1,000 numbers issued for only 143 people across several states. Six numbers examined by the agency each had a corresponding cyber-crime complaint on the National Cybercrime Reporting Portal (NCRP).
The Sanchar Saathi portal received 210 complaints linked to 189 mobile numbers associated with the firm, according to the CBI. The complaints, coupled with CDR red flags, prompted the registration of the case and widening of the probe to intermediaries in the distribution chain.
SIM boxes and the fraud ecosystem
A SIM box—hardware that holds dozens or hundreds of SIM cards—can route international or VoIP calls as local traffic, masking origins and helping bypass interconnect and regulatory regimes. The CBI alleges the modules used in this case could mask or switch IMEIs, enabling illegal VoIP termination, mass-messaging operations and coordinated financial fraud.
