In a significant blow to organised cybercrime, the Central Bureau of Investigation (CBI) has dismantled a sophisticated phishing network that operated using over 20,000 illegally procured mobile SIM cards. The agency conducted coordinated raids over the weekend in Delhi, Noida, and Chandigarh, unearthing what officials have termed a 'phishing factory'. This operation led to the arrest of three individuals linked to the sprawling scam.
The Raid and the Phishing Factory
During the searches, CBI teams discovered an advanced setup designed to defraud citizens on a massive scale. The heart of the operation was the use of SIM boxes—devices capable of holding hundreds of SIM cards simultaneously. These boxes were used to disguise international calls as local numbers and bypass standard telecom regulations, flooding phones across India with fraudulent messages.
The arrested suspects have been identified as Sonveer Singh, Maneesh Upreti, and Himalaya. The raids resulted in the seizure of key digital evidence, including servers, communication devices, USB hubs, dongles, and thousands of physical SIM cards. Authorities also confiscated unaccounted cash and cryptocurrency holdings.
Modus Operandi: A Daily Deluge of Deception
According to the CBI spokesperson, this elaborate system was used to send lakhs of phishing messages and mass financial traps every single day. The probe, part of Operation Chakra-V aimed at breaking the backbone of cybercrime in India, began by analysing patterns of fake SMS messages.
This analysis led investigators to an organised cyber gang based in Delhi and Chandigarh, which was providing bulk SMS services to other cyber criminals. "It was found that even foreign cyber criminals were using this service to cheat Indian citizens," revealed an officer involved in the case.
The investigation established that the illicit operation was run by a private firm, M/s Lord Mahavira Services India Pvt Ltd. The company deceptively procured a staggering 20,986 mobile connections between 2020 and 2025, with 7,721 SIMs obtained just in the 2024-2025 period.
Violations and Collusion Uncovered
The CBI found blatant violations of Department of Telecommunications (DoT) rules. The firm allegedly provided false end-user lists and used the same identification documents to issue multiple SIM cards. In one glaring example, 90 SIM cards were issued against just 10 people, while 1,000 numbers were registered to only 143 individuals nationwide.
Early findings suggest the involvement of channel partners and employees of telecom companies, who allegedly facilitated the illegal arrangement of these SIM cards for the fraud network. The SIMs were controlled via an online platform to send bulk messages offering fake loans, investment opportunities, and other financial benefits, solely to steal personal and banking details.
Technical analysis showed some numbers operated across 203 to 387 different IMEIs (International Mobile Equipment Identity), generating one-second automated calls. This pattern is consistent with SIM box operations, IMEI tampering, and Machine-to-Machine (M2M) communication—all practices strictly prohibited by DoT guidelines.
Call detail reports placed the usage of these numbers around their registered address in Delhi and an office building in Noida. Shockingly, an analysis of just six of these numbers revealed that each one had a cybercrime complaint filed against it on the national cybercrime reporting portal.
The CBI continues its investigation to uncover the full extent of this network and identify all those involved in enabling this large-scale cyber fraud against Indian citizens.
