India’s Central Bureau of Investigation (CBI) has arrested four individuals and revealed that it has dismantled two illegal call centres that have been found to be engaged in sophisticated cross-border technical assistance fraud targeting Japanese citizens.
Law enforcement conducted a coordinated search in 19 locations in Delhi, Haryana and Uttar Pradesh on May 28, 2025, as part of an initiative aimed at combating cyber-enabled financial crimes.
According to the CBI, the Cybercrime Syndicate fraudulently Japanese, primarily Japanese citizens, by pretending to be technical support personnel for various multinational companies, including Microsoft.
“The Syndicate operates a call center designed to be displayed as a legitimate customer service center, through which the victims were deceived and the electronics were compromised,” the agency said. “Under this pretext, the victim was forced to transfer funds to the mule account.”
Authorities said they have worked with the Japanese National Police Agency and Microsoft to allow them to track the scheme’s perpetrators and their operational structure. Additionally, valuable evidence in the form of computers, storage devices, digital video recorders and mobile phones has been seized.
The CBI said Operation Criminal Enterprise will use advanced social engineering technology and “technical diving” to deceive victims and withdraw money by pretending to be false.
“As services grow as cybercriminal, connectivity between cybercriminals has increased and become more global,” said Stephen Masada of Microsoft. “We must continue to see a complete ecosystem for these actors to work and coordinate with multiple international partners to help them deal meaningfully with cybercrime.”
Tech Giant also said it has worked closely with the Japanese Cybercrime Center (JC3) to reveal fake technical support scams, allowing it to remove around 66,000 malicious domains and URLs worldwide since May 2024.
Cross-sector collaboration has enabled them to identify the broader networks behind these operations, including pop-up creators, search engine optimizers, lead generators, logistics and technology providers, payment processors and talent providers.
“These actors have expanded their business using generated AI, including identifying potential victims, automating the creation of malicious pop-up windows, and performing language translations to target Japanese victims,” Masada said.
“This activity highlights the increasingly sophisticated tactics cybercriminals employ, and highlights the importance of proactive global collaboration to protect victims.”
The measure comes shortly after Reuters reported that the recently disclosed data breaches at Coinbase have a link to Taskus, which was bribed to steal customer data from cryptocurrency exchanges.
The violation was said to have been first identified in January 2025, and Taskus said he fired two employees after illegally accessing them from Coinbase around the same time. Coinbase then ended its contract with the company.
The development also saw 20 suspects arrests in 12 countries between March and May 2025 and arrested in international operations on charges of preparing and distributing Child Sexual Abuse Materials (CSAMs).
“The Spanish authorities have arrested seven suspects, including healthcare workers and teachers,” Interpol said. “Health workers are allegedly paid explicit images to minors in Eastern Europe, but teachers have been accused of owning and sharing child sexual abuse material through various online platforms.”
Another ten suspects have been arrested from various Latin American countries, including three in El Salvador and a teacher in Panama. The remaining arrests took place in Europe and the United States. Interpol said 68 additional suspects have been identified and further investigations are currently underway around the world.
Source link
