WhatsApp Bans 9,400 Accounts in India Over Digital Arrest Scams

Meta-owned WhatsApp has banned 9,400 accounts in India for their involvement in digital arrest scams since January 2026. This action is part of a coordinated regulatory effort and follows a status report presented by the Indian Cybercrime Coordination Centre (I4C) of the Ministry of Home Affairs (MHA) to the Supreme Court.

The enforcement move is a component of a broader government initiative involving the Reserve Bank of India (RBI), the Department of Telecommunications (DoT), law enforcement agencies, and digital platforms to combat sophisticated financial cybercrime. Measures implemented include faster SIM blocking and enhanced biometric verification systems, alongside platform-level safeguards by WhatsApp.

According to a report by LiveLaw, WhatsApp’s investigation process, which began in January, involved identifying scam networks and deploying automated defenses. These defenses include logo detection and caller warning systems to deter impersonation-based attacks. While initially flagging 3,800 scam-related accounts under Section 79 of the IT Act, with only 17 linked to digital arrest scams, WhatsApp expanded its investigation, leading to the ban of 9,400 accounts.

The status report indicated that many of these impersonation scams originated from Southeast Asia, particularly Cambodia. These scams were reportedly operated through clusters of accounts and groups exhibiting common naming conventions, reused media, and coordinated activities.

WhatsApp is also working on implementing SIM binding, in line with a DoT circular from November of the previous year, which mandates that online messaging platforms enforce mandatory SIM binding for all users. The government has since extended the deadline for compliance with this new rule to the end of the current year. WhatsApp anticipates a full rollout of its SIM binding feature within the next four to six months.

Further user protection features are being examined by WhatsApp, potentially including measures similar to those on Skype. The platform is also strengthening its detection of malicious APK files and proposing safeguards to address prolonged scam calls.

Concurrently, authorities are accelerating the implementation of multiple digital security layers. The DoT is progressing towards a national biometric identity verification system (BIVS) for SIM card issuance, with a compliance deadline set for December 2026. This rollout includes the SIM-binding requirement, ensuring that only KYC-verified SIMs physically present in devices can access platforms, aiming to significantly reduce the use of fraudulent SIM cards in cybercrimes. Telecom service providers have committed to blocking suspicious SIMs within 2–3 hours of their identification.

The Central Bureau of Investigation (CBI) has set a loss threshold of ₹10 crore for taking over digital arrest scam cases. The MHA has advised the Ministry of Electronics and Information Technology (MeitY) to secure compliance from WhatsApp, ensuring the timely implementation of safeguards and commitments made before the Inter-Departmental Committee, including the SIM binding mechanism as per the DoT circular.

The SIM binding rules stipulate that messaging applications like WhatsApp, Telegram, and Signal must maintain a continuous link to a user’s SIM card. Initially, users of web or desktop versions were to be logged out every six hours, but this rule has been revised. Users will now reportedly be logged out based on AI-enabled risk analysis conducted by the messaging platforms.