So, you’ve been using AI to make office work a bit easier. Or perhaps you’re using it to help stick to your healthy-eating goals. But did you know that AI has also made it easy — frighteningly easy — to pull off all sorts of digital scams? The fraudsters were always there, and so were their targets. It’s the cloak of credibility, the air of plausibility in which AI has helped dress up digital scams that’s scary. Thanks to AI, potential defrauders don’t have to actually know any of the tech stuff themselves. They just need a Telegram account, a few thousand rupees, and the ‘right’ places to go on the web: the “Fraud-as-a-Service” (FaaS) platforms.It is as easy as e-commerce. Dissatisfied customers even get their money back.Cybersecurity experts who scour the shadowy corners of the dark web say the FaaS model borrows directly from the ‘software-as-a service’, or ‘SaaS’, economy. And platforms with names that leave little to the imagination — FraudGPT, WormGPT, EvilGPT, DarkBard and DarkWizardAI — are all part of a growing ecosystem in which fraud tools are packaged, updated and sold.The way it works is simple: a potential scammer goes to the site and subscribes to the scam toolkit required. From AI-generated phishing mails tailored by a victim’s job, location, role, geography or financial behaviour, to sending out fake emergency calls from relatives, and from deepfake KYC videos to using AI voices or deepfakes to impersonate officials who threaten digital arrest, it’s possible to pull off any scam for a small fee.
‘Industrialisation of fraud’
“FaaS schemes are almost indistinguishable from how normal, legal businesses operate — constantly optimising their return on investment through scalable tactics,” says a report by Juniper Research, a UK-based market intelligence and analyst firm.
Quote
It’s the “industrialisation of fraud”, says Srinivas L, joint MD and joint CEO of 63SATS Cybertech, a cybersecurity solutions firm. “If you have about Rs 2,000 and a Telegram account, you can easily perpetrate fraud — and you don’t have to write a single line of code,” Srinivas explains.Vishal Gauri, CEO of data security company Seclore Technology, says the biggest change is the collapse of the skill barrier. “The attacker no longer needs technical knowhow; they just need to subscribe. These FaaS platforms come with documentation, customer support and version updates. The operating model is enterprise SaaS for criminals,” he says.AI has also made scaling up easier. A fraudster can now generate thousands of personalised phishing emails in different languages, clone voices from short audio clips, create deepfake KYC videos, and automate messages tailored to a victim’s job, location or financial behaviour.“AI generates personalisation at scale,” Gauri says. “The same FaaS platform can produce one lakh tailored phishing emails or 1,000 deepfake calls in hours, each targeted by role, geography and language.”Citing US-based cybersecurity firm DeepStrike’s 2025 report, he says FaaS offerings on the dark web marketplaces grew by more than 120% year-on-year. These marketplaces processed $3.4 billion in transaction volume in 2025, while daily Tor (The Onion Router, a free, open-source software network designed to enable anonymous internet communication, not illegal in itself) users rose from 3 million in 2024 to 4.6 million in 2025.
Scamsters’ paradise
Across FaaS platforms, the commonest product sold is the phishing kit. In underground circles, some of these packages are known as ‘SCAMA’. They include fake login pages designed to mimic those of banks, e-commerce companies, govt-facing platforms and public services such as IRCTC. Depending on the number of templates and services bundled, such kits can cost between Rs 500 and Rs 8,500 a month.Once bought, they are used to send texts, emails or links that appear to come from legitimate companies. Victims are directed to fake pages, where they enter usernames, passwords, card details, UPI PINs or other credentials. The fraudster does not need to build the page or understand how the backend works. The kit does it all.But phishing is only one part of the larger business. The fraud supply chain now includes identity datasets, mule account networks, SIM cards, OTP interception tools, fake customer care centres, deepfake video tools, KYC bypass services and payment-routing systems.Ranjan Reddy, founder and CEO of Bureau, a US-based fraud prevention and identity intelligence platform, says the underground market has evolved from merely selling leaked data to selling complete fraud modules. “If you want to launch a romance scam, you can buy the entire module,” he says.A basic subscription may cost $20 (Rs 1,902) a month for templates, while $50 (Rs 4,755) may include live support over Telegram or WhatsApp. Deepfake KYC subscriptions, he said, can cost about $160 (Rs 15,220) and allow users to create large numbers of fake accounts.
India’s weak spots
Mule accounts are among India’s most serious problems, Srinivas says. Young jobseekers are lured through Telegram and WhatsApp groups with offers of quick money — sometimes Rs 5,000 a week — for allowing transactions through their bank accounts. Many do not realise they are helping launder the proceeds of cybercrime.India’s vulnerability is amplified by the speed of its digital adoption. UPI has made transfers instant, and millions of first-time digital users from Tier-2 and -3 markets now transact online daily. But digital literacy, experts say, has not kept pace with access. “India has become a big target. UPI is the Ferrari car that we built without brakes,” Srinivas says, pointing out that nearly 86% of Indian households are online, while many users still lack what he calls a “fraud reflex”.Bureau data shows that a complete identity profile can be assembled for under Rs 400.“What once required technical expertise and established criminal connections now requires only a payment,” Bureau says in its report ‘India Fraud Report 2026: Digital Fraud at Scale’. According to data provided by the Indian Cyber Crime Coordination Centre, India lost Rs 22,495 crore to cybercrime in 2025, a 24% increase over 2024. The country registered 28.15 lakh cybercrime cases. Investment scams accounted for 76% of losses, while digital arrest scams made up 9%.
Quote
Banks have shared 18.43 lakh suspect identifiers and 24.67 lakh mule accounts through the I4C registry, helping prevent fraud worth about Rs 8,031 crore. But industry executives say attacks continue to rise.Fraud hubs have also spread beyond Jamtara, with locations such as Nuh, Alwar, Bharatpur, Mathura, Bokaro, Ahmedabad, Hyderabad, Chandigarh, Guwahati and Visakhapatnam under increased scrutiny.
Companies under attack
Consumer platforms, too, are increasingly being hit — by refund abuse, reseller fraud, fake accounts and account-takeover attacks. Bureau estimates reseller-driven leakage at 2% to 5% of gross merchandise value for large e-commerce platforms. Food delivery platforms alone see fraud volumes of Rs 10 crore to Rs 30 crore a month per platform.Images generated using AI are being used to fake damaged products or incorrect deliveries, enabling fraudulent refunds. In other cases, a single device cycles through hundreds of accounts to harvest promotions before targeting accounts with saved payment instruments.Citing research data, Gauri says 82.6% of phishing emails are now AI-generated. Around 47% of Indian adults have either been victims of, or know someone who has been a victim of, an AI voicecloning or deepfake scam, he adds, citing BioCatch data.
Defences are catching up
Cybersecurity firms are trying to respond to the threats at different points in the chain.Ashish Tondon, CEO and founder of Indusface, says AI is helping attackers discover vulnerabilities in existing applications at machine speed. “These are not new classes of vulnerabilities,” he says. “Because of machine speed, what was found in days and months is now being found in minutes.”
Digital scams, in 11 easy steps
Hyderabad-based Blue Cloud Softech Solutions is focusing on dark-web monitoring through Blutor, while 63SATS Cybertech is targeting citizen-facing defence through CYBX, a cybersecurity app with embedded insurance.Seclore is focusing on enterprise data protection. Gauri says every exposed file, credential, prompt history or unmasked record inside an AI pipeline can become raw material for fraud.
Identifying the real threat
Lawenforcement agencies are also trying to catch up. Hyderabad cybercrime police say they have not yet come across scamsters directly using such AI tools in local cases, but acknowledge that the ecosystem has become much more organised and transnational.“Previously, cybercrime involved isolated incidents with most of the players from India. But now it is becoming more organised, modernised and international. Fraudsters seem to be using new technologies and modernised tools and networks such as AI tools, mule accounts, SIM networks and digital platforms to exploit loopholes in our systems,” says Arvind Voleti, DCP Cybercrime, Hyderabad.Voleti says data leakage is a major concern and that enforcement of the Digital Personal Data Protection Act would strengthen accountability.For cybersecurity firms and law enforcement agencies, the lesson is clear: fraud can no longer be treated as scattered crimes investigated after victims lose money. It is now an industry with subscriptions, infrastructure, service desks, upgrades and global payment channels.“The question is not about being Digital India. We have to be a trusted Digital India, and that requires treating fraud as an industry to dismantle and not as a crime that just needs to be looked at,” Srinivas says. Go to Source

