Microsoft Collaborates with CBI to Disrupt Japanese Tech Support Scam Operated from India
June 6, 2025
In a significant crackdown on cybercrime, India’s Central Bureau of Investigation (CBI) has arrested six suspects and shuttered two illicit call centers engaged in a sophisticated tech support scam targeting Japanese citizens. This operation, dubbed Operation Chakra V, underscores a coordinated effort to tackle cyber-enabled financial fraud across several states. On May 28, 2025, authorities executed simultaneous searches at 19 sites in Delhi, Haryana, and Uttar Pradesh.
The investigation revealed that these syndicates functioned under the guise of legitimate customer service representatives from notable multinational companies, including Microsoft. Victims, primarily Japanese residents, were misled into believing that their electronic devices had been compromised, prompting them to transfer funds under false pretenses. The CBI notes that these call centers employed tactics designed to present a facade of accuracy and urgency, further exacerbating the deception.
The operation aligns with broader efforts to combat cyber threats that leverage social engineering and impersonation techniques. The CBI’s findings illustrate that cybercriminals often exploit sophisticated methodologies to convince victims that urgent action is required regarding their technology. The impersonation of trusted brands is a common tactic, significantly increasing the chances of successful fraud.
In this scenario, various tactics from the MITRE ATT&CK Framework may have been employed. Initial access could have been achieved through phishing campaigns, where victims were lured into providing sensitive information under the belief that they were communicating with authentic tech support. Persistence might have been maintained through continuous engagement with victims, employing various social engineering techniques to reinforce the legitimacy of the operation.
Additionally, the perpetrators likely utilized privilege escalation techniques as they maneuvered to extract sensitive financial data from their targets. By employing these tactics, criminals can impose undue pressure on victims to act quickly, effectively manipulating their decision-making processes.
The implications of such operations extend beyond immediate financial loss, threatening the integrity of personal and organizational data. As cybercriminals adapt their strategies, the collaboration between global companies like Microsoft and law enforcement agencies such as the CBI becomes increasingly vital. This case serves as a critical reminder for business owners to remain vigilant against such sophisticated scams and to implement robust security measures designed to thwart similar threats.
As the landscape of cybercrime continues to evolve, the necessity for proactive measures in cybersecurity cannot be overstated. Organizations must prioritize education around phishing scams and technology-related fraud, fostering an informed and prepared workforce to mitigate the risks associated with these emerging threats.
