Every instance of a scam being reported—whether involving a few thousand rupees or losses running into crores—continues to cause deep frustration. Such cases are heard of almost daily. No one appears to be spared—friends, family, or business contacts. Within the sector, financial fraud is witnessed frequently, and interactions have even occurred with scammers directly. What continues to shock is not only the methods being used—but the impunity with which operations are carried out.
These frauds are not being committed as isolated incidents or clever technical hacks. They are being executed by structured, organised networks that have turned fraud into a business model. Gaps in the system are being exploited at scale. When action is taken only after the fraud occurs, even if every Investigating Officer (IO) across the country were to focus solely on cybercrime, a significant impact would still not be made. That is the scale and persistence of these fraud syndicates. Expecting IOs to bear the entire responsibility has become both unrealistic and unfair. By the time their work begins, the damage is already done.
The best possible effort is being made by law enforcement with the resources available to them. Institutions such as the Indian Cyber Crime Coordination Centre (I4C) have been taking commendable steps—gathering data, analysing patterns, and enabling coordination across states. Initiatives such as the National Cyber Crime Reporting Portal have been launched to encourage citizen participation and streamline response mechanisms. However, this challenge cannot be resolved by law enforcement alone.
So, where should the solution be sought? Greater responsibility must be assumed by banks, telecom operators and crypto exchanges.
Mule accounts are being created at banks—often in bulk—using weak or forged KYC documents. Once fraud is executed, the money is routed through these accounts and disappears. Telecom operators have also been linked to vulnerabilities—SIM cards have reportedly been sold in bulk without sufficient verification, enabling scammers to establish anonymous call centres. Meanwhile, crypto exchanges are being used as the final step—where stolen funds are being converted into cryptocurrency, routed across borders, or obscured using mixers, making traceability extremely difficult.
Large amounts of metadata are available to these sectors—metadata that holds the potential to act as early warning signals. Unusual account behaviour, multiple accounts linked to a single device, communication patterns among syndicate members, suspicious SIM activation trends, high-frequency wallet creations tied to flagged identities, IP and IPDR details—all this data is available, but often underutilised.
This information must be leveraged more effectively. Rather than being stored as passive logs, it needs to be translated into real-time action—such as automated alerts, freezing of suspicious accounts, or immediate flags to law enforcement before the fraud cycle completes.
What is needed is not just improved enforcement, but systemic disruption. The scam lifecycle must be made more difficult, more risky, and less profitable. That is the only sustainable deterrent.
Fraud must be made expensive and time-consuming—until it becomes uneconomical for syndicates to continue. Each person who falls victim to fraud loses more than just money. Trust in institutions is eroded. A sense of personal humiliation often follows. The emotional fallout of these scams is rarely reflected in official statistics, but its impact is both real and widespread. The psychological damage caused by fraud can no longer be overlooked.
Consequences are not feared by fraudsters—largely because they are not being faced. The system, as it stands, does not move fast enough to keep pace. That, above all, is what must be changed.
This is not a call to raise more alarms. The problem is already well-known. What is needed now is coordinated, consistent action—faster response systems, stricter controls, smarter technology, and shared responsibility. That is the only way to move from reaction to prevention—and to truly stay ahead of the fraud.
Equally important is the need to modernise how we educate and protect consumers. Traditional awareness campaigns have limited impact. Instead, digital platforms must embed smart, real-time nudges. If a user is about to send money to a flagged account or interact with a suspicious crypto address, the system should alert them, or even temporarily block the transaction. These nudges, combined with behavioural analysis, can drastically reduce fraud success rates.
From a policy perspective, regulation must keep pace with innovation. Static rules and protracted policy cycles cannot counter fast-evolving fraud tactics. Regulatory sandboxes, trial runs, and adaptive policy frameworks can help test and implement new fraud detection technologies without delay. The fight against cyber fraud cannot be fought in silos. It demands a connected ecosystem where law enforcement, private companies, regulators, and consumers work in tandem. Every scam doesn’t just cost money. It erodes trust in digital systems, in governance, and in our collective ability to protect citizens.
Raising awareness isn’t enough anymore. We need to raise the heat on the scammers. Make fraud expensive, difficult, and high-risk. Only then will we tilt the balance back in favour of the honest user. It’s time to stop reacting and start preventing. Because in the world of cybercrime, delay is damaging.
(The author, Kaushal Bheda, is the Director – GovTech, of Pelorus Technologies.)
