shot-button
Ganesh Chaturthi Ganesh Chaturthi
Home > Sunday Mid Day News > How global hacktivists came together to bust Indian cyber scammers

How global hacktivists came together to bust Indian cyber-scammers

Updated on: 15 October,2023 07:25 AM IST  |  Mumbai
Gautam S Mengle | gautam.mengle@mid-day.com

In a two-week operation, global hacktivists pull the pants down of India’s top embarrassment: swindlers posing as call-centre execs

How global hacktivists came together to bust Indian cyber-scammers

File pic

In a well-lit room, a Caucasian man sits at one of the many computers arranged in a circle. His headset on and he types intently while speaking through the mic.
“I’m sorry, what am I supposed to do?”


“Just be on the line for two to three minutes,” says the man at the other end, his accent clearly Indian.


The conversation goes on for a few minutes and we get the sense that the Caucasian man is talking to an Indian customer service executive regarding an extra payment credited to the former’s account, which he has to return. All the while, he bangs away furiously at the keyboard.


Rishika Desai Rishika Desai 

“So,” he says, “should I just get the money to Kolkata and give it to you?”

This is met by a stunned silence, followed by a barrage of expletives in Hindi. We all know them.

But the white man is not done.

“Kausani? Is that where you are? Hamza Palace?”

With each sentence, the Indian at the other end gets increasingly aggressive till he disconnects the call. But the Caucasian, actually an ethical hacker who goes by the name Nacho, is still not done. In the course of his conversation, he has wormed his way into the latter’s computer and is now browsing through his photo gallery and email inbox. Behind him, men and women of various nationalities whoop, cheer and exchange high fives.

Much to the embarrassment of the Central government, the modus operandi of cybercriminals based in India is becoming increasingly sophisticated, and fake call-centres are one of their latest tactics. Both the US and the UK have standing advisories on their law enforcement websites, cautioning citizens against Indian scam callers. The matter was even taken up in the British Parliament in April 2020.

Over the last ten years, scam call centres have been busted all over the country, including Mumbai, Thane, Kolkata and Noida. In this 2018 raid by the Delhi police, 126 accused were arrested and were alleged to be making as much as $50,000 per day by defrauding US citizens. Pics/Getty ImagesOver the last ten years, scam call centres have been busted all over the country, including Mumbai, Thane, Kolkata and Noida. In this 2018 raid by the Delhi police, 126 accused were arrested and were alleged to be making as much as $50,000 per day by defrauding US citizens. Pics/Getty Images

“With regards to our work with India and the Indian Government, my noble friend mentioned the City of London Police, which, as I said, is the lead force for economic crime and has partnered with law enforcement and industry to combat call-centre fraud from India and other jurisdictions. It has, for example, partnered with Microsoft, which has led industry efforts to combat this kind of fraud, and as a consequence of that partnership the City of London Police has supported Microsoft in the initiation of a number of enforcement actions, the most recent of which occurred in the Kolkata region,” Baroness Williams of Trafford, a member of the House of Lords, had told Parliament.

The matter is also brought up at international law enforcement summits every year, even as losses to foreign citizens continue to mount. Data released by the Federal Bureau of Investigation last year stated that US citizens suffered losses to the tune of $3 billion in two years. While Americans lost $6.9 billion in 2021, the amount stood at $10.2 billion just in the first 11 months of last year. So much so that the FBI has now deputed a representative at the US Embassy in New Delhi to work with the Indian law enforcement.

“They use their knowledge of real call-centre operations to target the vulnerable [overseas], often the elderly or non-tech savvy,” says Rishika Desai, cyber threat researcher at Bengaluru-based cybersecurity firm CloudSEK.

She elaborates, “Cybercriminals typically obtain victim data from lead brokers on the dark web or other mediums. The targets are often senior in age, and less aware of recent technological advancements. Once they have this data, the cybercriminal uses proxies and VPNs to pose as help desks and support system professionals of reputable organizations. They then offer fraudulent services or support.”

The most common modus operandi is simple yet ingenious—the scammers pose as tax service officials, tell the victims that they have outstanding dues, which is a federal offence, and convince them that police vehicles will soon be pulling up outside their house unless they pay up. The ruse worked for a surprising number of years before people got wise to it. 

Now, the scammers have moved on to posing as customer support executives of computer or mobile phone manufacturers, where they convince the targets to install screen-sharing apps. Once they can see the victim’s screen, the scammers steal their banking info and clean out their accounts. 

The People’s Call Centre was an anti-scammer initiative undertaken by a group of scambaiters—Internet activists who came together to take on Indian scam call-centres. The menace has risen over the years: Hundreds of youth work at such call-centres where they spend their days calling citizens of the United States of America and the United Kingdom. Earlier, these “payments” could be in the form of electronic gift cards from leading e-commerce portals. Today, the scammers even accept cash routed through their own hawala channels back to India.

“It took a couple of years for Indian law enforcement to realise that this was bigger than just one or two clever men with a great idea,” says a cybersecurity consultant who works with the Government of India. “As months turned into years, and increasingly more call-centres were busted, they uncovered a network of agents in the US and UK. Their agents would convert the value of the gift cards into funds in the accounts of the mastermind, and send its equivalent in Indian currency to Indian counterparts.” Over the last 10 years, such scam-centres have been busted in Mumbai, Thane, Kolkata and Noida, and the calls still continue.

People’s Call Centre, spearheaded by ethical hacker Pierogi, kicked off on July 25. For two weeks, around 100 hackers from around the world baited and uncovered Indian scammers.

The first phase was executed in collaboration with AnyDesk, a screensharing software normally used by corporate employees. It allows employees to access their office computers when working remotely. It did not take long for cybercriminals to enlist AnyDesk for nefarious purposes. Today, it is the number one tool in the hands of tele-calling scammers, much to the chagrin of its manufacturers.

In the first phase of the operation, the hacktivists gathered at the headquarters of AnyDesk in Tampa, Florida. The entire operation was covert uptill the last minute, with even the participants kept in the dark about the destination.

For two days, Pierogi and friends collected AnyDesk IDs—unique identity numbers assigned to each device using the software. Whenever one was misused by scammers, they called them up using the contact details associated with the IDs. It was just a taste of things to come: They scammers knew that the hacktivists were coming for them. The onslaught was met with abuses and threats. Pierogi’s teammates simply let them rant and hang up. After each conversation, AnyDesk immediately disabled the ID so that the scammers could never use the software again.

In the People’s Call Centre, Phase Two is going strong. The hacktivists have infiltrated the scammers’ computers using, ironically, AnyDesk. While speaking to them, they reversed-traced their IP addresses and now have complete access every time the scammer turns the computer on. Gleefully, one of the hackers wipes out all the data and leaves a cryptic note for the scammer on his Notepad app. The scammer responds: “He just typed m*******d on one of my notes,” the hacker says. “I’m assuming that’s an insult.”

Another hacktivist, Ryan Montgomery, intercepts a scammer’s call to a 90-year-old American woman. Montgomery takes over the conversation with the woman, while Pierogi, standing right behind him, talks to the scammer, wasting his time. Gently but urgently, Montgomery tells the woman to take her computer to her nearest service centre, where all intrusive software or programs can be deleted immediately.

In Phase Three, the People’s Call Centre goes into midnight mode—all the lights in the room are turned off and dimmer lights are switched on. This is not just the most crucial part of the campaign, it is also the most fun.

Using the data collected during Phases One and Two, the hacktivists go back into the scammers’ computers and turn on their cameras, while calling them up at the same time.

“Hello, Ravi?” Pierogi asks, pronouncing the name as ‘Raavee’. “Is that Ravi?”

The accent alerts Ravi that this could be a scambaiter, and he hangs up. The hackers then send the live feed from their HQ to Ravi’s computer, and the last image on the screen is a stupefied Ravi staring at himself.

Parth Sharma is up for even more embarrassment. When the hackers turn his computer on, he is sitting in his bedroom in nothing but his boxers. Amidst snide comments about hygiene—Sharma has apparently been in the same boxers for three days in a row—Pierogi calls him up and also shares the live feed with him. Sharma flies into a panic, cuts the call and then calls someone else to tell them urgently, in Hindi, that something is going very wrong. The entire conversation is captured on camera.

“It was a magnificent operation,” a central government cyber expert tells mid-day. “Not only did they turn over tonnes of data to the local law enforcement, they also found addresses of the hawala agents who move the money from overseas to India. Now we also know that scammers are moving from office setups to their own houses. We are still getting more details on this.”

India Calling 

Scamster: Hello, is this XXXX?
Victim: Yes?

S: This is XXXX from the Internal Revenue Service
V: Oh my God

S: I’m afraid so, Ma’am.
V: Am I in trouble?

S: Well, that’s what we need to talk about. I have your tax filings in front of me here and what I can see is that you owe the US government upwards of 10,000 dollars as of today.
V: Oh my…what? How can that be?

S: You tell me, Ma’am. It’s your taxes that are the problem.
V: Ok there must be some mistake here, because my CPA always…

S: I can only tell you what my records tell me, Ma’am. And this is a federal offence we’re talking about. I’m sure you follow the news.
V: Oh God..yeah, yeah, I mean, I do know it’s a serious offence.

S: That’s right. My superiors want to send a squad car to your house to pick you up right now, unless you settle your pending dues immediately.
V: Oh no! Please! My kids are in the house! My neighbours are around! Oh my God!

S: Okay, okay, I need you to calm down. There is a way out of this, but you need to work with me here.
V: Anything. Just tell me what to do.

S: How much can you pay up front? We need to resolve this fast so that it doesn’t become a problem for the both of us.
V: Sure, what do you need?

S: Write down this address. You need to meet this person tomorrow and give him Apple gift cards worth $5,000.
V: But that’s too much! I don’t have that kind of money lying around!

S: How much can you manage?
V: Maybe $1,000?

S: No good. We need at least $3,000
V: I can do $1,500. That’s the highest I can go.

S: Okay, that’s a start. We can work with that. Thank you, XXXXX. We shall speak again.

"Exciting news! Mid-day is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest news!" Click here!

Register for FREE
to continue reading !

This is not a paywall.
However, your registration helps us understand your preferences better and enables us to provide insightful and credible journalism for all our readers.

Mid-Day Web Stories

Mid-Day Web Stories

This website uses cookie or similar technologies, to enhance your browsing experience and provide personalised recommendations. By continuing to use our website, you agree to our Privacy Policy and Cookie Policy. OK