Microsoft Collaborates with CBI to Disrupt Indian Call Center Operation Involved in Japanese Tech Support Fraud

India’s Central Bureau of Investigation (CBI) has successfully dismantled two illegal call centers involved in a sophisticated transnational tech support scam targeting Japanese citizens. The operation resulted in the arrest of six individuals and was carried out on May 28, 2025. This initiative, known as Operation Chakra V, aimed at combating cyber-enabled financial crimes through coordinated searches across 19 locations in Delhi, Haryana, and Uttar Pradesh.

The CBI reported that these cybercrime syndicates posed as technical support representatives from various multinational corporations, including Microsoft, deceiving foreign nationals, predominantly Japanese citizens. Victims were led to believe that their electronic devices were compromised, prompting them to transfer funds into mule accounts.

In collaboration with the National Police Agency of Japan and Microsoft, the CBI was able to trace the perpetrators and their operational structure. Significant evidence, including computers, storage devices, digital video recorders, and mobile phones, was seized during the operation.

The criminal enterprise employed advanced social engineering techniques along with “technical subterfuge” to extract funds under false pretenses. A Microsoft representative noted, “With the growth of cybercrime-as-a-service, connectivity among cybercriminals has increased and become more global. We must continue to look at the full ecosystem in which these actors operate and coordinate with multiple international partners to address cybercrime effectively.”

Furthermore, Microsoft has been working closely with the Japan Cybercrime Control Center (JC3) to dismantle fake technical support scams, leading to the elimination of around 66,000 malicious domains and URLs globally since May 2024. This collaborative effort has identified a broader network involved in these operations, including creators of pop-ups, search engine optimizers, lead generators, and payment processors.

The actors behind this scheme utilized generative AI to enhance their operations, aiding in the identification of potential victims, automating the creation of malicious pop-up alerts, and performing language translations specifically aimed at Japanese targets. This activity underscores the increasingly sophisticated tactics employed by cybercriminals and the critical need for proactive global collaboration to protect victims.

The operation coincided with reported links between a recent data breach at Coinbase and India-based customer support representatives, prompting concerns about the involvement of bribed employees in perpetrating security violations. As companies fortify their cybersecurity measures, continuous vigilance and cooperation among international law enforcement are paramount.

In related news, an international crackdown on the distribution of child sexual abuse material (CSAM) led to the arrest of 20 suspects across 12 countries from March to May 2025. Spanish authorities apprehended seven individuals, which included a healthcare worker accused of soliciting explicit images from minors. INTERPOL announced that further investigations are ongoing into 68 additional identified suspects across Europe and the Americas.