Artificial intelligence (AI) has simplified many office tasks, but it has also made committing various digital frauds incredibly easy. Scammers have always existed, but AI has helped them give digital deception an appearance of plausibility and credibility. Thanks to AI, potential attackers no longer need deep technical knowledge; they just need a Telegram account, a few thousand rupees, and to know where to go online—to 'Fraud-as-a-Service' (FaaS) platforms.
The FaaS Model and Ecosystem
The operating principle of FaaS is similar to e-commerce, where dissatisfied customers can receive refunds. Cybersecurity experts investigating the dark corners of the darknet note that the FaaS model directly borrows principles from the 'Software as a Service' (SaaS) economy. Existing platforms such as FraudGPT, WormGPT, EvilGPT, DarkBard, and DarkWizardAI are part of a growing ecosystem where fraud tools are packaged, updated, and sold.
The mechanism is simple: a potential scammer visits the site and subscribes to the necessary set of tools for deception. The range of possible schemes is wide: from AI-generated phishing emails adapted to the victim's job, location, or financial behavior, to sending fake emergency calls from relatives, creating video KYC using deepfakes, or imitating officials' voices threatening digital arrest—any deception can be carried out for a small fee.
The Industrialization of Fraud
According to a report by the analytical firm Juniper Research, FaaS schemes are virtually indistinguishable from legitimate business operations because they constantly optimize revenue through scalable tactics. Srinivas L, co-CEO and co-managing director of 63SATS Cybertech, calls this the 'industrialization of fraud.' He emphasizes that with about 2000 rupees and a Telegram account, one can easily commit fraud without writing a single line of code.
Vishal Gauri, CEO of Seclore Technology, believes the most significant change is the disappearance of the skills barrier. Attackers no longer require technical competence; they just need to subscribe. These FaaS platforms provide documentation, customer support, and version updates, turning the operational model into corporate SaaS for criminals. AI has also facilitated scaling: a scammer can generate thousands of personalized phishing emails in different languages, clone voices from short audio clips, create deepfake video KYC, and automate messages tailored to the victim's profile.
Market Growth and Deception Methods
Referencing the DeepStrike 2025 report, Gauri notes that FaaS offerings on darknet marketplaces have grown by over 120% year-on-year. In 2025, these platforms processed a transaction volume of $3.4 billion, while the number of daily Tor users increased from 3 million in 2024 to 4.6 million in 2025.
The most common product on FaaS platforms is the phishing kit, known in underground circles as 'SCAMA.' These packages include fake login pages mimicking banks, online stores, government portals, and public services like IRCTC. The cost of such kits ranges from 500 to 8500 rupees per month depending on the included templates and services. After purchase, they are used to send messages, emails, or links that appear to be from legitimate companies, directing victims to fake pages to enter credentials, passwords, card details, or UPI PINs.
The Fraud Supply Chain
However, phishing is only part of this extensive business. The fraud supply chain now includes personal identification data sets, mule account networks, SIM cards, OTP interception tools, fake call centers, deepfake tools, KYC bypass services, and payment routing systems. Ranjan Reddy, founder and CEO of Bureau, points out that the underground market has evolved from selling data leaks to selling complete fraud modules; for example, one can buy an entire module to run a romance scam.
A basic subscription can cost $20 (1902 rupees) per month for templates, while a $50 subscription (4755 rupees) may include real-time support via Telegram or WhatsApp. Deepfake KYC subscriptions can cost around $160 (15220 rupees) and allow users to create a large number of fake accounts.
Vulnerabilities in India
Srinivas names mule accounts as one of India's most serious problems. Young applicants are attracted through Telegram and WhatsApp groups with promises of quick earnings—sometimes 5000 rupees a week—for allowing transactions through their bank accounts, often unaware that they are helping to launder cybercrime funds. India's vulnerability is amplified by the speed of its digitalization: UPI has enabled instant transfers, and millions of new digital users from Tier-2 and Tier-3 markets now conduct daily online transactions. However, experts note that digital literacy is not keeping pace with access. Srinivas compares the situation to 'a Ferrari we built without brakes.'
Bureau data shows that a full personal profile can be compiled for less than 400 rupees. According to the Bureau's 'India Fraud Report 2026: Digital Fraud at Scale,' the country lost 22,495 crore rupees due to cybercrime in 2025, which is 24% more than in 2024, with 28.15 lakh cases of cybercrime registered. Investment fraud accounted for 76% of losses, and digital arrest scams for 9%. Banks helped prevent damage worth about 8031 crore rupees by providing 18.43 lakh suspicious identifiers and 24.67 lakh mule accounts through the I4C registry, but industry leaders warn of a continued rise in attacks.
Attacks on Companies
Consumer platforms are also under attack: refund abuse, reseller fraud, fake accounts, and account takeover attacks. Bureau estimates that leakage caused by resellers amounts to 2–5% of gross merchandise value for large e-commerce platforms. Only food delivery platforms record fraud volumes ranging from 10 to 30 crore rupees per month per platform. AI-generated images are used to fake damaged goods or incorrect deliveries to obtain fraudulent refunds. Furthermore, a single device can pass through hundreds of accounts to collect promotions before targeting accounts with saved payment details.
Gauri cites data indicating that 82.6% of phishing emails are now generated by AI. He also notes that about 47% of adults in India have been victims of or know someone who has been a victim of voice cloning or deepfake scams, citing BioCatch data.
Developing Protective Measures
Cybersecurity firms are trying to respond to threats at different stages of the chain. Ashish Tondon, founder of Indusface, says that AI helps attackers discover vulnerabilities in existing applications at machine speed. He clarifies that these are not new classes of vulnerabilities, but simply detection that used to take days or months, now happens in minutes.
Blue Cloud Softech Solutions from Hyderabad focuses on darknet monitoring through Blutor, while 63SATS Cybertech works on protecting citizens through the CYBX app with built-in insurance. Seclore focuses on protecting corporate data. Gauri warns that any exposed file, credential, query history, or unmasked recording within the AI pipeline can become raw material for fraud.
Challenges for Law Enforcement
Law enforcement agencies are also trying to keep up with technological advancements. The Cyber Crime Police of Hyderabad reports that they have not yet encountered scammers using such AI tools in local cases, but they acknowledge that the ecosystem has become much more organized and transnational. Arvind Voleti, DCP of Cyber Crime in Hyderabad, notes: 'Previously, cybercrime consisted of isolated incidents where most participants were from India. But now it is becoming more organized, modernized, and international. Scammers seem to be using new technologies and modern tools and networks, such as AI tools, mule accounts, SIM networks, and digital platforms to exploit loopholes in our systems.'
Voleti emphasizes that data leakage is a serious problem, and compliance with the Personal Data Protection Act strengthens accountability. For cybersecurity firms and law enforcement, the conclusion is clear: fraud can no longer be viewed as scattered crimes investigated after victims lose money. It is now an industry with subscriptions, infrastructure, service centers, updates, and global payment channels. Srinivas concludes: 'The question is not about being a Digital India. We must become a Trusted Digital India, and that requires viewing fraud as an industry to be dismantled, not just a crime to be addressed.'
Division: