New Delhi : Indians are the second-most targeted population of a global cybercrime industry that has transformed online fraud into an industrialised, corporate-style sector, Meta – the owner of Facebook, Instagram and WhatsApp – said in a report on Wednesday.
The findings underscore a growing national problem acknowledged by the government and law enforcement in India, but also signals new strategies — cybercriminals are now adopting AI tools to hyper-personalise their lures, and are looking for wealthy and vulnerable victims — and even geographies: from Myanmar to southern Cambodia.
The scale of the problem is vast and the company’s products are among the most widely used social media and communication tools in the world, making them a vector of choice for cybercriminals. In 2025, the company took down 10.9 million accounts on Facebook and Instagram that it said were associated with scam centres in Myanmar, Laos, Cambodia, the United Arab Emirates, and the Philippines.
But it is not just the volume that has grown — the methods have evolved too. Scam syndicates are now borrowing from the playbook of state-backed hackers, moving from mass-targeting to precision attacks on high-value individuals. “They’re moving beyond romance and cryptocurrency scams and they’re now running targeted approaches much more similar to spearfishing or whaling methods in traditional cyber security,” said David Agranovich, director of Global Threat Disruption at Meta, in a virtual briefing prior to the report’s release. This process, Agranovich added, involved identifying wealthy individuals or people in positions of power or public or corporate trust as targets.
The company separately explained to HT some of the ways this shift is playing out: “We also see a pattern where scammers re-engage people who have already been approached or victimised before, now posing as law enforcement or another authority figure, to extract more money or information (for example, under the pretence of ‘clearing’ a case, ‘verification,’ or avoiding escalation)”.
“These tactics show up consistently in victim reporting and public accounts, and the same patterns are reflected in disruption activity tied to this scam type,” a spokesperson said.
Meta also announced new anti-scam features across its platforms. Facebook will now flag suspicious friend requests. WhatsApp will warn users when behavioural signals suggest a device-linking request (scan to sign in to desktop) may be fraudulent, a tactic scammers use to hijack accounts through fake QR codes or voting websites.
One spear-phishing case study the report cited was from Bangladesh, where the operation involved the scammers conducting searches for the names of recently deceased individuals and subsequently targeting their social networks by sending unsolicited friend requests to family members and friends. They would then lure them to fake funeral streaming services to perpetrate the scam.
Then there is the growing use of AI.
One network that Meta took down incorporated AI-generated content into traditional fraud archetypes. The network, the report stated, posted fake pet adoption content — both organic posts and paid advertisements — to lure targets, then requested upfront payments under the guise of covering veterinary care, transportation, or rehoming fees. “Our investigation revealed that scammers used AI to scale their operations, generating location-specific content and culturally appropriate messaging to improve targeting in the United States, Canada, Australia, New Zealand, and the United Kingdom.”
This is not the first time cybercrime has evolved. One evolutionary leap was during the Covid-19 pandemic that Agranovich described as “an inflection point”.
“As Covid happens, a bunch of sophisticated criminal organisations that made a lot of money on traditional crime, street crime suddenly found all their people locked indoors. And so there was this movement towards online scams as a potential revenue driver for these much more sophisticated international criminal organisations that really spiked during and after Covid,” he said.
“What happened was essentially the sophisticated infrastructure of a criminal a transnational criminal organisation was imported into the online scams ecosystem”.
Today, these operations function from large, multi-building physical compounds in places like Cambodia and Myanmar, often equipped with high-speed internet and sometimes guarded by sub-state militias, the company noted in its adversarial threat report for the first half of 2026.
Throughout 2025, scam operations originating from Myanmar fell to negligible levels following US sanctions and civil conflict in Karen state. In response, the epicentre for syndicate activity in 2026 has moved to southern Cambodia, where scam centres operate alongside casino properties near the Vietnam border, the company noted.
This remote and fortified nature of these compounds presents a severe jurisdictional challenge for domestic authorities. “…what they can do and what they’re working to do is build that international coalition because in many cases these scammers are operating in hard-to-reach places,” Agranovich noted. “Cambodia and Myanmar, these are not easy places for law enforcement, for example, in Thailand or in Australia to get access to. And so that international law enforcement cooperation can enable some of these wins where individual law organizations may have a harder time”.
