Indian authorities have dismantled an international cyber fraud ring accused of operating tech support scams that targeted victims in the UK and Australia. The Central Bureau of Investigation (CBI), as part of Operation Chakra-V, raided three sites in Noida on July 7, including a fully operational call center inside the city’s Special Economic Zone.
The group posed as technicians from major companies like Microsoft, tricking users with fake pop-ups and unsolicited calls into believing their systems were infected. Victims were coerced into giving remote access or paying for bogus services. The scheme, which relied on spoofed phone numbers and VoIP routing through multiple countries, caused losses exceeding £390,000 in the UK alone.
One of the locations, a firm called FirstIdea, used custom scripts and a sophisticated calling setup to scale operations while masking its origin. Investigators caught live fiddle calls during the raids, which were accompanied by the UK time zones. Two people, including a key member of the operation, were arrested.
The crackdown followed 18 months of coordination between the CBI, the UK’s National Crime Agency (NCA), the FBI, and Microsoft. Authorities say over 100 UK residents were targeted, with scammers offering fake solutions to non-existent issues.
The NCA stated that attackers often initiated contact after victims saw fake alerts claiming malware infections. Pop-up messages and fake alerts led users directly into contact with individuals pretending to be official tech support. Once the conversation began, the attackers used common social engineering tricks to convince targets to either transfer funds or hand over sensitive information, all under the false claim that their systems had been compromised.
Incidents like this show just how easily cybercrime can cross national borders. It’s not just about the tech, they rely just as much on psychological pressure to get what they want. Even as global agencies step up enforcement, experts still say the basics matter. Don’t trust surprise tech support calls. Never hand over remote access unless you initiated the contact. Also, keep your software and security tools patched, as most attacks count on you not doing that.
