What Lies Behind the Play of Mind Games and Fear that End in Digital Arrest

New Year’s Eve is a time to sit back, relax and enjoy. But for social-media influencer Ankush Bahuguna, 31, it turned out to be a nightmare. On January 5, 2025, he shared in detail how he underwent a “digita- arrest” ordeal.

The modus operandi in digital- arrest scams typically involves scammers posing as authority figures who threaten, blackmail or induce fear among victims to extort money. The victims are then put under a digital arrest wherein they are manipulated into cutting all communication and following instructions of the scammer.

Bahuguna claimed he was digitally held hostage by scammers for 40 gruelling hours. He received a call from an unlisted international number in which an automated voice told him that a courier delivery addressed to him was cancelled. The automated voice urged him to press ‘0’ and he complied. Next, he was put in touch with a scammer posing as a customer support representative. The representative claimed the package mentioned on the call earlier had been seized, as it contained illegal substances.

He was also told that he had just one hour to prove his innocence. The scammer transferred his call to another member of his group who was posing as an official of the Mumbai Police. Bahuguna was told he was a “prime suspect” in a case involving money laundering and drug trafficking.

“They isolated me completely. I was not allowed to pick up calls, reply to messages, or even let anyone in the house know. They said if I contacted anyone, they would harm my family,” the influence said in his Instagram video.

After spending nearly two days under digital arrest, he managed to read a message warning about digital-arrest scams. But it was too late.

The scammers had already made him transfer an undisclosed amount of money and also put him under tremendous mental strain.

Such instances have become quite common. The macro data on digital-arrest scams is alarming. Between January and April 2024, Indians lost Rs 120.3 crore in such scams, according to data from the Indian Cyber Crime Coordination Centre (I4C), a dedicated wing of the cyber and information security division of the Union Ministry of Home Affairs.

Vishal Salvi, chief executive, Quick Heal, an IT security and data-protection-solutions provider, says,“The rapid digitalisation of India has created opportunities for cybercriminals to exploit unsuspecting individuals. The lack of digital literacy and awareness among many citizens makes them vulnerable to sophisticated scams.”

He goes on to add: “Fraudsters have become increasingly adept at using technology, employing tactics such as deepfake videos, professional-looking documents and realistic video calls to impersonate law enforcement officials.”

According to Sudeshna Guha Roy, partner at Saraf and Partners, a full-service law firm, these scams are executed using sophisticated technology such as digital forensics, online surveillance, and social-media monitoring. If this can happen with tech-savvy influencers, one can only imagine the fate that awaits the not-so-initiated, but 24x7 digitally logged section of the population, which is a huge cohort.

Vulnerable Targets

Influencers apart, there is a clear pattern indicating that scammers are targeting senior retired defence personnel. Not without reason—the retirement corpus is the temptation.

Consider three recent cases of defence personnel being scammed.

In August 2024, a 79-year-old retired major general of the Indian Army, currently living in Noida, was put under digital arrest for five days. The scammers posed as law-enforcement personnel and alleged that a courier addressed to him containing five passports, four credit cards, clothes, 200gm MDMA (a psychedelic drug) and a laptop had been seized. The scammers duped him of Rs 2 crore, according to media reports citing cybercrime investigators.

In October 2024, Major General (retd) Prabodh Chander Puri, 85, was defrauded of Rs 83 lakh through a digital-arrest scam. Puri, a resident of Sector 20, Panchkula, received a call from an unknown number on October 15, 2024, stating that his mobile phone was being used extensively and would be turned off permanently. After he complied with the instructions given to him to address the matter, he was entrapped by the scammers and put under digital arrest.

In another instance, Lieutenant Colonel (retd) Parupkar Singh, 81, a resident of Ludhiana, received calls from scammers posing as officers of the Central Bureau of Investigation (CBI) and the police department. Singh was accused of being involved in a money-laundering racket and asked to send Rs 35.3 lakh lying in his bank account to the scammers. The scammers promised to return the money once the investigation was complete. After they disappeared with the money, Singh informed the cybercrime police who managed to nab the culprits, according to media reports.

But not all digital-arrest victims are so fortunate. Incidentally, even young and middle-age earners are targets for these scammers.

On how scammers identify victims, Manish Tewari, co-founder of digital-asset-tokenisation platform Spydra Technologies, says, “Scammers access sensitive details of their victims in the guise of organisations from sectors such as health care, government and finance, which are digitising sensitive information.”

He says weak IT security policies in smaller companies are making data easily accessible to scammers. They use this data to identify vulnerable targets to prey on. They bypass traditional security issues like phishing and even zero-day exploits. “The cross-border nature of these crimes, with many perpetrators operating from countries like Myanmar, Laos and Cambodia, complicates efforts to track and prosecute them,” says Salvi.

Advisories Galore

In an episode of the Mann Ki Baat radio programme aired on October 27, 2024, Prime Minister Narendra Modi shed light on the rising cases of digital-arrest scams. He shared an advisory on how to respond to such calls. He recommended that recipients of such calls take a three-step approach of, “Ruko, Socho aur Action Lo [stop, think and take action]".

The first step is not to panick, remain calm and not share personal details or account numbers. The second step involves thinking and taking cognisance of the fact that legitimate agencies do not conduct investigation over calls. The third step involves taking action and reporting such incidents to the National Cyber Crime Helpline by dialling 1930 or informing family members and recording evidence.

On December 10, 2024, the Union Ministry of Home Affairs said in a release that the Centre has undertaken various measures to curb instances of digital arrests. These include raising awareness about “digital arrest” scams through newspaper ads, regular announcements in public places such as the Delhi Metro and special campaigns.

The Centre has also published a release alerting authorities against incidents of blackmail and digital arrest by cyber criminals impersonating as officials of state/UT police, Narcotics Control Bureau (NCB), CBI, RBI and others. Additionally, the Indian Cybercrime Coordination Centre has blocked more than 1,700 Skype IDs and 59,000 WhatsApp accounts used for digital-arrest scams.

The Centre and telecom service providers (TSPs) have also designed a system to identify and block incoming international spoofed calls displaying Indian mobile numbers which appear to be originating within India. The ministry mentions in its release that such international spoofed calls have been made by cybercriminals in recent cases of fake digital arrests and impersonation as government and police officials.

Directions have also been issued to TSPs for blocking such incoming international spoofed calls. Over 669,000 Sim cards and 132,000 international mobile equipment identity (IMEI) numbers have been blocked by the government, as of November 15, 2024.

Salvi of Quick Heal says, “To further combat these scams, the government may enhance international cooperation to address cross-border cybercrime, implement stricter regulations for digital platforms and provide specialised training to law enforcement agencies to improve their ability to investigate and prosecute these cases.”

Tewari of Spydra Technologies feels the government should make regular security audits mandatory and encourage adoption of global cybersecurity standards.

What Should You Do?

Advisories and warnings abound, but the reality on the ground is that there are no specific legal definitions for criminalising digital arrest. “Unfortunately, there is no specific legal definition for “digital arrest” in the prevalent acts or laws in the country. However, the legal framework under Bharatiya Nyaya Sanhita and the IT Act facilitates law enforcement agencies to combat such scams,” says Roy.

So, it’s best to take appropriate steps yourself. “Avoid providing any personal information or making payments. Scammers rely on panic and quick compliance, so taking a step back can prevent them from succeeding. Meanwhile, one can verify calls by contacting official agencies directly or verify suspicious calls and credentials using official websites. It is advisable to not rely on regular search engines and unverified sites, as scammers often upload fake numbers online,” advises Roy.

Also, note genuine investigations cannot end in payments. Any such demand should raise a red flag.

Salvi urges citizens to keep their bank accounts in check. “It is crucial to act quickly, especially if money has been transferred, as contacting the bank within 15–20 minutes may help freeze the transaction. Preserve all evidence related to the scam, including call recordings, messages and transaction details, as these will be vital for the investigation. Victims should also monitor their credit reports for any unauthorised activity and work with credit bureaus to dispute any errors resulting from fraud,” he says.

While the government and law-enforcement agencies figure out newer methods to curb the menace of digital arrest, the reins ultimately remain in your hands to not fall prey to such scams in the first place.