Subhead: After weeks of tower-dump and CDR analysis, Tamil Nadu’s Cyber Crime Wing arrested three in New Delhi and seized 24 SIM boxes allegedly used to spoof official calls and extort victims—part of a two-month, multi-state crackdown that has dismantled 44 devices so far.
Dateline: NEW DELHI/CHENNAI | Monday, October 6, 2025
Tamil Nadu’s Cyber Crime Wing has dismantled a key node of an alleged international “digital arrest” racket, arresting three suspects in New Delhi—identified as Tarikh Alam (19), Lokesh Kumar (33) and Ashok Kumar (40)—and seizing 24 SIM boxes in coordinated raids across Narela and Nilothi. Investigators say the equipment converted overseas VoIP calls into local numbers, helping scammers impersonate police and central agencies to coerce victims into transfers under the threat of arrest.
The seizures followed weeks of tower-dump and call-detail record correlation that flagged unusual call-routing bursts pointing to clandestine SIM gateways. Police linked the Delhi node to a wider network with footprints in Mumbai and Bihar, part of an ongoing campaign that has neutralised 44 SIM boxes in about two months.
Inside the Delhi raids
Teams hit two addresses—Narela and Nilothi—recovering 16 SIM boxes at one site and 8 at the other. Each device can host multiple SIMs (often dozens), and when chained together they can route a high volume of calls while masquerading as ordinary domestic traffic. The three men were detained on suspicion of maintaining the hardware and renting capacity to scam operators. Initial digital forensics indicate the boxes were active in the days leading up to the raids, funneling calls that resembled agency “verification” scripts common to digital-arrest frauds.
Senior officers said the operation built on signal intelligence and pattern analysis of call bursts that overlapped with complaint spikes in multiple states. Follow-up action is underway to trace supply chains for the hardware and SIM provisioning.
What a SIM box does—and why scammers love it
A SIM box is a multi-SIM gateway. It takes an international VoIP call and injects it into local networks using ordinary SIM cards, making the call appear as a familiar domestic mobile number. That disguise helps evade spam filters, defeat international call identification, and slash costs that would otherwise be billed as international termination. For scammers, the payoffs are huge: victims are more likely to pick up a local number, and law enforcement initially chases phantoms spread across hundreds of prepaid SIMs. Telecom analysts note that the practice also robs carriers of interconnect revenue, creating a financial incentive for industry to aid investigations.
India has witnessed multiple SIM-box busts this year—from Tamil Nadu to Bihar—often with interstate and overseas links (Cambodia, Thailand, and other hubs).
The ‘digital arrest’ playbook—how the scam works
“Digital arrest” is psychological custody. Fraudsters pose as police/agency officials (CBI, NIA, TRAI, ED), allege that a victim’s SIM, Aadhaar, or bank account is tied to crimes, then keep the victim on a continuous call or video link—sometimes for 10–24 hours—until money is transferred “for verification.” The script leverages intimidation, fake case files, and counterfeit orders to shut down the victim’s support network. Recent cases detail round-the-clock calls, forged agency headers, and threats of arrest if the victim disconnects or calls family.
Police say SIM-box infrastructure supercharges the scam by allowing mass, low-cost, constantly rotating caller IDs, which frustrate blocking and help syndicates look “official” at first glance.
A campaign months in the making
The Delhi action caps a two-month push by Tamil Nadu’s cyber wing. In late August and September, officers seized high-capacity SIM boxes in Chennai suburbs and Madurai, arresting multiple facilitators—including, in one case, a bank relationship manager accused of helping open mule accounts. These busts exposed supply channels and modus operandi linked to Chinese handlers and Southeast Asian compounds, steering investigators toward the NCR node hit this week.
Parallel enforcement across other states has highlighted how SIM-box rings intersect with investment, parcel, and matrimonial scams. But the digital arrest variant is especially damaging because it weaponises authority, keeping victims isolated and compliant for hours.
How the crack team found the boxes
1) Tower-dump analytics. Investigators requested bulk call logs from towers near suspected flats and warehouses. They looked for bursts of short-duration calls originating from a cluster of SIMs—often a telltale of SIM-box traffic.
2) CDR correlation. Cross-matching call-detail records with complaint timestamps revealed synchronized patterns: the same clusters flaring during reported scam windows.
3) RF sweeps & on-ground checks. Teams then ran radio-frequency sweeps and physical reconnaissance to confirm the presence of antennae and cabling inconsistent with single-SIM devices.
4) Multi-state coordination. Leads from prior seizures in Tamil Nadu provided device IDs, import routes, and wallet footprints that ultimately circled back to Delhi rentals.
Names, roles, next steps
The three detained in Delhi—Tarikh Alam, Lokesh Kumar, Ashok Kumar—are alleged to have hosted and maintained the SIM nodes. Police are probing whether they also obtained SIMs, configured GSM gateways, and brokered voice traffic to overseas clients. Devices recovered at both sites are being forensically imaged; CDR and IMEI trails will be matched with complaint logs. More arrests are possible as money flow and device procurement lines are traced.
A look back: August–September busts set the stage
In earlier operations, Tamil Nadu’s cyber wing recovered 14 high-capacity SIM boxes and arrested six persons, including telecom-adjacent insiders, after uncovering remote-operated gateways in gated communities. Those probes sketched the supply chain (including suspected China-sourced hardware) and account-opening networks for laundering proceeds.
Independent coverage points to ongoing intelligence operations against international SIM-box networks, with public updates mirroring a steady pace of seizures and takedowns feeding into the Delhi raids.
The toll: from victims to telecom revenue
Aside from human impact, SIM-boxing bleeds interconnect revenue from telecom providers by bypassing proper international routing. That loss, while hard to quantify per seizure, becomes material at scale—fueling industry collaboration with cyber cells for faster data access and call-pattern red flagging.
Victim stories also continue to surface nationwide. In Hyderabad just days ago, a 56-year-old tutor was kept on video call nearly 24 hours by impostors posing as TRAI and CBI, and coerced into transferring ₹7 lakh—a textbook digital-arrest script.
What you should do if a ‘digital arrest’ call hits your phone
- Hang up; call back the real number. No Indian agency conducts arrests over a phone call or video chat. If someone claims to be police/CBI/NIA/TRAI, disconnect and call the agency’s official switchboard.
- Never stay on a “continuous call.” Coercing you to remain on the line is a classic control tactic. Disconnect and seek a second opinion.
- Don’t share OTPs, Aadhaar pics, or banking details. Genuine officials never ask for these over calls.
- Report immediately within the ‘golden hour’. If any money has moved, dial the national Cybercrime Helpline 1930 or file on cybercrime.gov.in—faster reporting boosts the odds of freezing funds.
- Use ‘Chakshu’ only for suspicious messages. To forward spam/fraud messages, the Sanchar Saathi ‘Chakshu’ feature helps; but financial fraud reports still belong to 1930/cybercrime.gov.in.
The law: what cases typically invoke
Police commonly register offences under cheating/impersonation provisions of the Bharatiya Nyaya Sanhita (BNS), read with the Information Technology Act for identity theft, unauthorized access, or data misuse. Some states have also layered charges tied to telegraph/telecom rules or forgery when documents are faked. The Hyderabad digital-arrest FIR last week, for instance, cites BNS and IT Act sections.
Why SIM-box crackdowns are getting smarter
- Data sharing with telcos: Rapid KYC checks on bulk SIM activations, watchlists on unusual call densities, and flags on single IMEI–multi-SIM patterns.
- Cross-state tasking: Cyber cells in TN, Chandigarh, UP, and Bihar have pooled intel and SOPs to replicate successful busts.
- Public reporting pipelines: The national 1930 helpline and cybercrime.gov.in portal are integrated with banks for fast freezes, a system celebrated in recent state updates for stopping large sums in the first 2 hours.
How the scam evolved—and where it’s going
Early versions leaned on robocalls and threat scripts. The modern form layers in deepfake headers, document templates with official seals, and live video to intensify pressure. As enforcement and telco filters improve, gangs are expected to rotate geographies and shorten campaign cycles, burning through SIMs faster. That, in turn, makes SIM-box takedowns disproportionately effective: removing a gateway instantly de-rates thousands of spoofable numbers.
Some rings now blend digital arrest with investment-app and parcel/Customs scams, cross-pollinating databases and playbooks. A recent multi-crore racket uncovered in Uttar Pradesh and Delhi used 100+ bank accounts and POS terminals to launder inflows—illustrating how SIM-box infrastructure can serve multiple fraud verticals.
#CyberCrime #SIMBox #DigitalArrest #Police #Delhi #TamilNadu #TelecomFraud #Safety
+ There are no comments
Add yours