“Digital Arrest” Scams & MHA Action: New Safeguards on WhatsApp to Tackle Cyber Extortion
The Union Home Ministry (MHA) has intensified its crackdown on “digital arrest” scams by directing WhatsApp to roll out stringent security measures, including blocking device IDs (IMEI) of repeat offenders and using AI to detect impersonation of law-enforcement officials. The move follows a surge in such cyber extortion cases, with Indians losing an estimated ₹1,935 crore in 2024 alone, according to data shared by the Ministry of Home Affairs and the Indian Cybercrime Coordination Centre (I4C).
Background: Rise of “Digital Arrest” Scams in India
“Digital arrest” is a form of online extortion in which cybercriminals impersonate police, CBI, ED, or other authorities and virtually confine victims through intimidating video calls. I4C data show that reported “digital arrest” complaints more than tripled between 2022 and 2024, with losses rising from about ₹91 crore (2022) to ₹1,935 crore (2024)—a 21-fold jump.
The scams are often run from fraudulent call centres in Southeast Asian countries such as Cambodia, Myanmar, Laos and Thailand, where organised cybercrime networks target Indian users via internet-based calls and messaging apps. In response, I4C and MHA have already blocked over 83,668 WhatsApp accounts, 3,962 Skype IDs, around 7.81 lakh SIM cards, and over 2 lakh IMEIs linked to such frauds by early 2025.
MHA Directives to WhatsApp (March 2026)
After a review by a high-level Inter-Departmental Committee (IDC), the government has issued a set of time-bound directions to WhatsApp, generally expecting compliance within 4–6 months.
1. Blocking Device IDs (IMEI), Not Just Numbers
- WhatsApp has been asked to block devices—identified via International Mobile Equipment Identity (IMEI)—used repeatedly in digital arrest scams, instead of only blocking individual mobile numbers.
- This prevents fraudsters from simply inserting a new SIM card into the same handset to create fresh accounts and continue scams.
2. AI-Powered Detection of Impersonation
- MHA has directed WhatsApp to strengthen its AI and machine learning tools to automatically detect and flag accounts that impersonate law-enforcement agencies or misuse forged official documents.
- This includes patterns such as profile pictures showing police uniforms, use of official emblems, and repeated mentions of agencies like CBI, ED, NIA or local police in a coercive context.
3. SIM Binding for WhatsApp Accounts
- A “SIM binding” mechanism will tie a WhatsApp account to a specific SIM card on a particular device, restricting anonymous multi-device usage by fraud syndicates.
- If the SIM is removed or changed, the app may require re-verification, making it harder for scammers to operate multiple accounts on the same device.
4. Safety Features Against Malicious Apps (APKs)
- In many scams, fraudsters send malicious APK files or remote-access apps (screen sharing, mirroring) during calls to take control of victims’ phones.
- MHA wants WhatsApp to introduce Skype-like safety features: enhanced caller information, warnings on suspicious accounts, and automatic detection/blocking of malicious APK links shared through the platform.
Additionally, under IT Rules 2021, the government is considering longer retention of deleted account metadata (up to 180 days) to support investigations.
How “Digital Arrest” Scams Work: Modus Operandi
The “digital arrest” scam combines social engineering, fear, and deepfake-like visuals to psychologically overpower victims.
-
Initial Contact
-
Victims receive a WhatsApp call or message claiming to be from a courier company, telecom operator, or law-enforcement agency.
-
Common script: A parcel/Aadhaar/mobile number is allegedly linked to drug trafficking, money laundering, or cybercrime.
-
-
Visual Deception via Video Call
-
The scammer shifts to a video call, appearing in police or agency uniform, often using AI-generated backdrops resembling a police station, control room, or courtroom.
-
Screens are shown with fabricated FIRs or “case files” to make the threat look genuine.
-
-
“Digital Arrest” and Isolation
-
Victims are told they are now under “digital arrest”, must stay visible on camera, and are forbidden to contact family, lawyers, or colleagues.
-
Calls sometimes continue for hours or days, creating a state of virtual custody and psychological captivity.
-
-
Extortion of “Security Deposit” or “Bail Money”
-
Under the guise of “verification”, “KYC check”, or “bail/security deposit”, the victim is forced to transfer money via UPI, net banking, or crypto.
-
Once funds are received, the scammers cut contact and vanish, leaving victims too embarrassed or confused to complain immediately.
-
Scale and Geography of the Menace
-
Financial Losses:
-
- Government data show that Indians lost ₹1,935.51 crore to digital arrest scams in 2024, compared to under ₹100 crore in 2022.
- Over 1.23 lakh complaints related to digital arrests were lodged on the National Cyber Crime Reporting Portal in 2024 alone.
-
Origin of Operations:
-
I4C and media investigations indicate that 45–50% of such scams originate from Southeast Asian countries, especially Cambodia, Myanmar, Laos and Thailand, where organised “scam factories” target Indians.
-
-
Government Action So Far:
-
- Blocking of 83,668+ WhatsApp accounts and 3,962 Skype IDs linked to digital arrest scams.
- Deactivation of around 7.81 lakh SIM cards and over 2,00,000 IMEIs used for cyber frauds.
- Formation of a high-level committee by MHA to recommend platform-level safeguards and coordinate with DoT, MeitY and state police.
Significance for UPSC: Cyber Security, Platform Regulation and Governance
This development is important for GS-2 and GS-3 (Internal Security, Technology, Governance).
-
Platform Accountability:
-
Shows how the government is using its powers under the IT Act and IT Rules 2021 to push intermediaries like WhatsApp to add structural safety features, not just respond to complaints.
-
-
Tech-Enabled Enforcement:
-
Use of AI/ML, device fingerprinting and SIM binding reflects a move towards proactive, systemic risk reduction rather than case-by-case blocking.
-
-
Transnational Crime & Cooperation:
-
Highlights challenges of cross-border cybercrime, calling for cooperation with Southeast Asian countries and better data sharing.
-
-
Citizen Awareness:
-
MHA and I4C campaigns emphasise that no genuine law-enforcement agency “digitally arrests” people or demands money over calls, making digital literacy a key defence.
-
For Mains, it connects to themes like cyber-enabled extortion, regulation of Big Tech, data protection, and balancing privacy with security.
Practical Safety Tips for Citizens
Based on MHA and I4C advisories:
- Do not trust any call/video call claiming to be from police/CBI/ED that:
-
- Demands money for “bail”, “verification” or “clearing your name”.
- Asks you to stay on video continuously or not talk to family.
- Never install unknown APKs, screen-sharing or remote-access apps on someone’s insistence.
- Verify through official phone numbers/visits if any legal action is claimed.
- Report immediately on 1930 helpline or the National Cyber Crime Reporting Portal.
FAQs on “Digital Arrest” Scams and MHA–WhatsApp Measures
It is a cyber extortion scheme where fraudsters impersonate law-enforcement officials on video calls, claim the victim is involved in a crime, place them under virtual “arrest”, and coerce them to transfer money as “bail” or “security deposit”.
According to data shared in Parliament and by I4C, Indians lost about ₹1,935.51 crore to digital arrest scams in 2024, with over 1.23 lakh complaints filed.
MHA has directed WhatsApp to block device IDs (IMEIs) of repeat offenders, deploy AI to detect impersonation of law enforcement, introduce SIM binding for accounts, and add safety features to detect and block malicious APKs and scam networks, broadly within 4–6 months.
Investigations by I4C show that many scam operations are run from Southeast Asian countries, particularly Cambodia, Myanmar, Laos and Thailand, via call centres targeting Indian users.
The government has blocked over 83,668 WhatsApp accounts, 3,962 Skype IDs, around 7.81 lakh SIM cards, and more than 2 lakh IMEIs linked to digital arrest and related cyber frauds, along with setting up a high-level committee for further measures.
They should disconnect immediately, not transfer any money or install apps, verify independently through official channels, and report the incident to the 1930 cybercrime helpline or the National Cyber Crime Reporting Portal as soon as possible. Q1. What is a “digital arrest” scam?
Q2. How much money did Indians lose to digital arrest scams in 2024?
Q3. What has the Home Ministry asked WhatsApp to do?
Q4. Where do most digital arrest scams originate from?
Q5. What action has the government already taken against such scams?
Q6. What should citizens do if they receive such a call?
