At least 360 Indian citizens, who were coerced into working as “cyber slaves” in Cambodia, have been successfully repatriated to India over the past four to five months, said Rajesh Kumar, CEO of the Indian Cyber Crime Coordination Centre (I4C), on Wednesday. An additional 60 Indians still trapped in Cambodia are expected to return in the coming weeks.
In response to a surge in cybercrimes targeting India from Southeast Asia, especially Cambodia, Myanmar, and Laos, the Union government established a high-level inter-ministerial committee on May 16. This committee, chaired by the special secretary (Internal Security) of the Ministry of Home Affairs (MHA), includes officials from the ministries of external affairs, finance, electronics and information technology, and telecommunications, as well as representatives from the CBI, NIA, CBIC, and the department of post. The committee has convened twice so far, Kumar noted.
Kumar explained that the victims were lured to Cambodia with promises of lucrative job opportunities, only to have their passports confiscated and be forced into online scamming activities targeting Indian citizens via platforms such as Telegram, WhatsApp, Facebook, Google Ads, and other fake apps.
“Cyber slaves” are individuals who are deceived into relocating for better job prospects but are instead trapped in locked compounds and made to work as online scammers. Cambodia has become a major hub for this type of exploitation, often with victims traveling through Thailand, Kumar said. While some individuals are victims of human trafficking, others go willingly, unaware of the true nature of the jobs.
To regain their freedom, the victims often have to “buy back their independence” from the crime organizers, Kumar added. Many victims reached out to the Indian embassy in Cambodia, which has facilitated the return of 360 people so far.
On May 20, around 150 victims, mostly from Andhra Pradesh, protested at a suspected scam compound in Sihanouk City, Cambodia. Of these, 60 will be repatriated to India soon in coming weeks, while the remaining 90 were protesting to retrieve their passports, Kumar said. The Indian government is in ongoing communication with Cambodian authorities.
On May 21, the Indian embassy in Phnom Penh issued an advisory warning Indian nationals about fraudulent job advertisements that coerce victims into participating in online financial scams and other illegal activities.
Kumar also mentioned that Section 111 of the new Bharatiya Nyaya Sanhita, which will replace the Indian Penal Code, includes provisions to address cyber crimes as part of organized crime, aiding in the prosecution of those involved in large-scale scams.
Cybercrime Incidents Rising from Southeast Asia
Between January and April 2024, 7,40,957 complaints were registered on the National Cyber Crime Reporting Portal, averaging 7,000 daily. Of these, 85% relate to online financial frauds, with about 46% (39.1% of the total) originating in Southeast Asia. I4C has identified four main types of scams from this region: investment scams (62,687 complaints between January and April 2024 involving ₹222.58 crore), trading scams (20,043 complaints involving ₹1,420.48 crore), digital arrests (4,599 complaints involving ₹120.3 crore), and romance and dating scams (1,725 complaints involving ₹13.23 crore).
Common tactics include fake trading apps, investment apps, loan apps, dating apps, and gaming apps, often employing algorithmic manipulation.
Combating ‘Digital Arrests’
To tackle ‘digital arrests,’ the MHA issued an alert on May 14. In collaboration with Microsoft, I4C has blocked over 1,000 Skype IDs. This scam involves criminals posing as law enforcement officials, claiming a parcel for the victim has been intercepted with illegal goods or implicating a close contact in a crime. Victims are then coerced into remaining visually available on Skype or another video platform until demands are met. This crime relies on social engineering, using both breached personal data and publicly available information from social media.
Kumar advised caution with social media postings, recommending controls on who can view personal information and avoiding public display of phone numbers and relationships. He added that I4C is working with Microsoft to develop AI and machine learning systems to track Skype IDs misusing official logos.
Kumar clarified that in all observed cases of digital arrest, actual human perpetrators have been involved, not AI-generated voices or faces. “AI should be used by us,” he emphasized, noting that Skype data is being provided to train models to identify misuse of Indian government logos.