SatarkNet: Digital Frauds
Abstract [TL;DR]
The surge in digital frauds in India has caused major financial losses even among digitally literate users who are targeted by voice phishing and digital arrest scams. Using a convergent-parallel mixed-methods design (survey N=180, qualitative N=33), participatory action research, and narrative enquiries, this study examines demographic and psychographic factors shaping susceptibility and call-disconnection behaviour. Findings show that fear, urgency, and stereotyping often override rational security knowledge, and that awareness alone weakly predicts secure action (Spearman r=0.143, p<0.05), underscoring the need for situational nudges and visible benefits of security practices. The research emphasises behavioural and infrastructural interventions and proposes "SatarkNet", a joint Ministry of Home Affairs–RBI initiative under I4C that reframes fraud awareness as a shared, evolving responsibility through multi-channel safeguards.
1) Can the police arrest you over a phone call?
Target Identification
Preparation
False Narrative
The fraudster identifies a target to victimise based on the data gathered in the environment scanning.
The fraudster details out and creates the plan for the attack (gets the setup and the script ready)
The fraudster introduces a false allegation and through the fraudulent claims builds a false narrative.
Detachment
Extortion
Acknowledgement
Victims get entrapped into the bubble of the fraudster’s false narrative and enter a mental state of paralysis.
Victims are coerced into disclosing their sensitive information and make financial transaction.
The fraudster stays on call until receiving proof or screenshots of a successful transfer of money into the mule accounts.
Environment Scanning
The fraudster harvests sensitive data from various sources like social media, third party data breaches etc.
First Contact
The fraudster deploys the first weapon, a “hook” that makes the victims want to stay connected on the call.
Disappearance
Aftermath
The fraudster abruptly vanishes and does not recontact the victim, leaving them helpless.
Victims either seek help from cybersecurity safeguards or choose not to deal with their circumstances.
09
04
03
02
10
08
07
06
05
01
This 10-step framework synthesises established attack cycles (Lockheed Martin Cyber Kill Chain, Unified Kill Chain) to map call-based impersonation attacks for our specific context (also formally recognised as an Attack Life Cycle).
The concept of a 'digital arrest' does not exist in India. Thousands, if not lakhs, of people have fallen prey to such impersonation scams, along with other kinds of call-based fraud.
In 2025 alone, 22,495 crore INR in financial losses due to digital fraud were registered by the Reserve Bank of India (RBI), the banking regulatory body of India. This surge of digital frauds in India has inflicted massive financial losses, overwhelming banks with refund pleas and financial distress appeals.
But wait, who could fall for stupid scams, right?
Sure, but then why are even cybersecurity experts, highly educated lawyers, bankers, your doctors, and teachers still falling for frauds? This is the provocation that our team chose to explore.
People are aware of security habits but don't actively adopt them. This is influenced by the misconceptions surrounding the severity of frauds and those vulnerable to them.
Fraudsters are able to exploit the lack of proactive measures and overconfidence during the call.
The current execution of awareness campaigns in this landscape doesn't address this well; therefore, the impact of adopting good financial security habits needs to be visible for people to practice them.
INSIGHT 01
It was during our research interviews when we met Vidya, a 42-year-old corporate worker. Vidya knew that she should never share OTP but she never actively changed her account passwords or enabled 2FA. She couldn't see any value in taking the effort to adopt these practices. This is how the attacker found Vidya's phone number.
INSIGHT 02
During an impersonation of authority, people's ingrained perceptions about them influence their decision-making.
Their beliefs are shaped by the cultural portrayal of formal institutions creating a distance between them and authority.
A communal shift in mindsets is required to change public perception.
INSIGHT 03
Fraudsters exploit factors like fear, greed and urgency to put victims in a state of paralysis. Their judgement of the legitimacy thus gets clouded, making them further immersed in the fraudulent narrative.
Victims require a situational nudge to evoke suspicion, which enables them to disconnect the call.
INSIGHT 04
The rapid evolution of technology is aiding the expansion of Digital Frauds in India. This novelty leaves people unprepared to deal with unfamiliar scams.
The increasing sophistication of these scams makes them indistinguishable from reality.
During a fraud call, the involved channels* need to be equipped with robust infrastructure in order to safeguard the public against frauds.
*Digital Payment Systems( UPI, Net Banking Platforms) , Communication Channels( Voice/Video Call)
Research Problem
Investigating the demographics and psychological factors in call (voice and video) based impersonation frauds among the digitally literate population of India.
Since, despite cybersecurity awareness efforts by safeguarding institutions, digitally literate people continue to fall for call-based impersonation frauds such as voice phishing and digital arrest attacks, we hypothesised that there must be factors beyond awareness that require deeper enquiries.
So Prannjali, Anika and I embarked on a 4-month-long journey into the psychology, business, orchestration and regulation of call-based frauds.
2) The design of frauds
Launched by the National Payments Corporation of India (NPCI) in April 2016, the Unified Payments Interface (UPI) rapidly became the world’s most widely adopted real‑time retail payment system (MoF, 2024). Yet fraud losses associated with UPI nearly doubled from ₹573 crore in 2022-23 to ₹1,087 crore in 2023-24 (MoF, 2024), underscoring how speed and irreversibility can turn security features into liabilities in the presence of live impersonation. By enabling near‑instant fund transfers without meaningful reflection intervals, UPI eliminates the very friction that might otherwise allow victims time to question the legitimacy of the request.
The fraudster's modus operandi exploits the sense of induced curiosity, urgency and greed. There are also stereotypical associations of 'who falls for a fraud' involved with digitally literate people, which makes them think "I could never fall for this".
Fraudsters disperse money for laundering into mule accounts, which further complicates detection (Zigram, 2025), and while RBI’s MuleHunter AI is proactive in detection, false positives and the adaptive nature of fraud suggest that technical flagging alone is insufficient (IndiaAI, 2024). Collective efforts by the Ministry of Home Affairs (MHA) and other ministers have proposed a “kill switch", though it remains at a conceptual stage (MHA, 2025; Narendra, 2026). Without real-time mechanisms to detect and block mule accounts, digital fraud perpetrators will continue to operate with near-impunity.
stakeholder-cum-interest matrix
3) The anatomy of frauds
We conducted a convergent parallel mixed-methods study since that was the most suitable way for the convergent analysis of quantitative and qualitative analysis in this multi-stakeholder context. There was continuous triangulation of data, methods and researchers’ analyses to ensure utmost reliability of the study. Data was collected through multiple qualitative and quantitative methods.
methodology flow
We aimed for a 95% confidence interval in our quantitative sampling frame for digitally literate populations through a questionnaire. We divided our participants into four segments: perfect victims who had lost money, survivors who answered the fraud call but disconnected, witnesses who closely know someone else's story and potential victims who have never received a fraud call.
sampling frame
Our qualitative sample consisted of online expert interviews and on-site interviews from Delhi, Mumbai and Bangalore.
themes
We identified total 7 recurring themes throughout the data collection process. These themes emerged mostly from content analysis, narrative analysis, AD analysis, social listening and triangulation. We further created umbrella themes of Lived Experience, consisting of contextual awareness and association with impersonators and External Support sought.
qualitative recruitment
4) Let's talk to Vidya
Our quant hinted that awareness about security practices wasn't enough, and our qual confirmed that people didn't see any value in adopting these habits. This is being exemplified by ad campaigns that push the narrative of 'othering' and how frauds will happen only to 'moorkh' (stupid) people.
ad by UPI
Vidya had never talked to a policeman and had only ever seen them in movies and media. Her family associated police stations with shame and guilt. So when confronted by the officer, her mind went blank.
During another interview, a woman said that she met a guy on a dating app who was very sweet, and he sent her an expensive gift of gold that he wanted her to receive. When she received a call from the airport asking for extra fee for delivering gold, her first thought was-
"wait why can't he pay for me??"
She lated found out that he was a scammer but it was very interesting to us how she revealed her distaste towards the relationship with the impersonator rather than questioning the legitimacy of the event.
Our experts told us about certain authority biases, cultural conditioning and confirmation bias that also cloud people's judgement during the call itself.
Our quant significantly showed that mere awareness couldn't help anyone, and victims' preconceived ideas about the impersonation affected the way they engage with the fraud.
Vidya completely froze at the fraudster's threatening narrative. She was completely isolated, both physically and mentally, from reaching out for help.
Without any external support, victims are unable to break out of the immersion. The fraudsters take advantage of the shift in people's thinking from systems 1 (quick and hasty decision making) to systems 2 (slow and rational).
Everyday new types of frauds emerge, new loopholes and tactics. So when vidya was asked to send money for verification of bank statements by the police. She didnt know about this; it seemed legitimate so she decided to make it, and the moment she sent it, they cut the call.
People are constantly relying on safety nets to get out of fraud. What happens when the safety nets aren't able to cope up with the constant evolution of fraud itself?
5) How do we save Vidya?
SatarkNet (AwareNet): A joint initiative by the Ministry of Home Affairs and Reserve Bank of India positioned under I4C (India Cybercrime Coordination Centre) that reframes fraud awareness as a shared, evolving responsibility through multi-channel interventions.
SatarkNet operates on 8 main principles:
Grounded in empathy from lived experiences
"Us vs. Scammers" narrative
No victim blaming with non-shaming and empowering tone
Support systems as strength
Collectively 'jaankaar' (educated) audience against evolving frauds
Acknowledging privilege to share stories
Ridicule and humour shifted to the perpetrators
Shared vigilance through collective scam policing
SatarkNet would serve as another vertical of I4C and would also have its own page SatarkNet.gov.in which people can access to know everything about the project and its initiatives.
Through Satark Net we aim to create a community that educates and includes users in storytelling. We aim to reach out through different mediums such as Facebook, Instagram and many more.
When one picks up an highly suspicious unknown number, an advisory in relation to scams will be played, the duration of the advisory is not longer than 15-20seconds These advisories are tailored to one’s demographic and geographic region and the kind of scams occuring with those people. The advisory’s intention is to caution the user about scams and alert them during an unknown call.
We created warning notifications to create nudges that evoke suspicion even before the first contact is made. This notification consists of two parts:
a. On Call Interface: It marks an account as “suspected scam” which is flagged by the AI/ML system of TRAI. (Telecom Authority India). When a number is flagged moderately/ highly suspicious it displays on a persons interface.
b. They also receive a message about 1600 being associated with police to ingrain that prefix and alert the user.
Satark Net is meant to inform your friends and family in case you are in a conversation with a suspicious unknown number. In case there is an attempt to make a financial payment during the call, they’re informed too.
This is to increase the chance of external nudges from friends and family.
Individuals would receive a message from RBI on WhatsApp in case they try to open a payments app during the suspicious call, and they’d receive an automated call from TRAI alongside SMS if an individual picks up a suspicious call.
We carefully weighed the trade-offs when it came to introducing friction to a system which has INSTANT banking as its USP.
Finance and related apps (UPI apps, banking apps, etc.) will not be able to be accessed while the user is on a call with an unknown number. This enables them to cut the call and review their financial decision. The app will further flag high-risk accounts.
The figure shows the complete ecosystem of a user, an unknown number, and all the involved stakeholders and regulatory bodies in a high-risk landscape. It outlines the events that remain beyond the user's control and how the situational interventions come into play when a a high-risk number (flagged by TRAI), a high-risk UPI ID (flagged by NPCI or Gpay) and a high-risk bank account (flagged by RBI MuleHunter) are involved during a call.
No one is immune to frauds. As we reflect on our research journey, having never experienced severe digital fraud ourselves, we were extremely mindful about anonymising data and having utmost empathy for our participants while dealing with such a sensitive context. We ourselves didn't use to adopt the right financial practices, and we weren’t immune to authority biases or the ridicule associated with this landscape; SatarkNet allowed us to explore India’s problem. The behavioural change starts with us.
high-risk landscape
Next Project