New Delhi [India], August 16 : In a six-month-long operation, the Special Cell's Intelligence Fusion and Strategic Operations (IFSO) Unit of Delhi Police has dismantled a cybercrime syndicate operating on a large scale.
The entire cyber-crime chain callers, SIM card suppliers, insider data providers, travel agents and the kingpins themselves have been tracked, exposed and arrested in a highly coordinated operation.
The network, operating from Delhi's Kakrola and Uttam Nagar areas, targeted State Bank of India (SBI) credit card holders nationwide, siphoning off crores through a calculated mix of social engineering, insider collusion, and high-speed laundering via cash and cryptocurrency.
According to Delhi Police, an FIR was registered in connection with the operation of a call centre in Kakrola, Dwarka area, which was part of a highly organised cybercrime syndicate operating from Delhi. The accused individuals were involved in large-scale fraudulent activities targeting State Bank of India (SBI) credit card holders across India. Members of the syndicate impersonated SBI customer care executives to deceitfully obtain One-Time Passwords (OTPs) and Card Verification Value (CVV) from unsuspecting victims. These credentials were subsequently used to purchase electronic gift cards from online platforms, which were in turn later used to purchase domestic air tickets.
During the course of the investigation, it was established that the accused persons were engaged in a highly organised and methodical criminal enterprise aimed at defrauding SBI credit card holders across India. The syndicate systematically procured confidential customer data from undisclosed and unauthorised sources, later identified to include insiders within authorised call centres providing Card Protection Plan (CPP) services. The compromised data sets contained personally identifiable information (PII) such as customer names, registered mobile numbers and partial card details, with particular focus on customers already enrolled in the CPP service associated with their Credit Cards.
Armed with this pre-verified information, the accused persons assumed false identities as the authorised SBI customer care executives and initiated unsolicited telephone calls to the targeted customers. The pretext for these calls commonly involved offering assistance, renewal, or verification of CPP benefits, thereby creating a facade of legitimacy and instilling trust in the victim.
As per the police, during the conversation, the accused made strategic use of misleading and fabricated terminologies such as "One Time Permission" and "Customer Value Verification Code" to psychologically manipulate the victims into disclosing highly sensitive banking authentication credentials, including One-Time Passwords (OTPs) and Card Verification Values (CVVs). The process was executed in real time, allowing the syndicate to immediately utilise the stolen credentials to conduct unauthorised online transactions.
These transactions typically involved the purchase of electronic gift cards from e-commerce and travel platforms. Once procured, the gift cards were sold in bulk to certain travel agents and middlemen who used them primarily for the purchase of domestic flight tickets. In exchange, these intermediaries provided the syndicate with either cash or cryptocurrency in the form of USDT (Tether), thus converting the fraudulently acquired card value into untraceable monetary assets.
The criminal activity extended to victims across multiple states, resulting in substantial cumulative financial losses estimated at approximately Rs 2.6 crore, the police said.
First, the syndicate uses a data leak at the source - Insider moles in the authorised Card Protection Plan (CPP) call centre, secretly siphoned off confidential SBI Credit Card data. The "Customer Care" Con Callers, posing as SBI executives, used carefully scripted lies like "One Time Permission" or "Customer Value Verification Code" to trick customers into revealing OTPs and CVVs.
They did a real-time looting - Stolen details were used instantly to buy high-value e-gift cards on platforms.
Gift cards were sold to travel agents for cash or converted into Tether (USDT cryptocurrency), making the money vanish from the financial system. This slick operation ran non-stop, targeting victims across multiple States while carefully avoiding Delhi-based customers of SBI Cards.
The operation took around six months to arrest all the cyber criminals in the entire syndicate.
According to police, a total of 18 cyber criminals were arrested, including syndicate masterminds, orchestrators, strategists, account/cash handlers, Call Centre Insiders and data brokers.
Operational Gang Members involved in field execution, phishing calls, and victim targeting were arrested.
Finance Handlers who did the Crypto/Cash conversion and gift card laundering were also among the arrested.
Police recovered 52 multiple SIM cards customers' bank details,