Noida Tech Support Racket Busted: 16 Arrested for Duping Foreign Nationals of Crores
In the early hours of April 7, 2026, a team from the Noida Cyber Crime Police Station, acting on technical surveillance and local intelligence inputs, raided a high-rise apartment in Sector 76, Noida . The operation was swift and precise. Inside, they found four young men—ages 24 to 27—sitting in front of laptops, headsets on, speaking in fluent American accents to targets thousands of miles away.
The men were not running a legitimate IT support business. They were part of a sophisticated, organised cyber fraud syndicate that posed as a legitimate tech support service, tricking international users—primarily in the United States and Europe—into believing their computers had been hacked . By the time the raid was over, four individuals were in custody, with electronic evidence suggesting fraudulent transactions worth crores of rupees.
In the days that followed, as the investigation deepened, authorities arrested an additional 12 individuals, bringing the total number of accused to 16 . The bust has since become one of the most significant cyber fraud crackdowns in the NCR region in 2026, exposing the dark underbelly of unregulated “tech support” ventures operating under the guise of startups .
The Modus Operandi: Fear as a Service
The accused operated a multi-stage scam that leveraged sophisticated psychological manipulation alongside technical exploitation.
Stage 1: The Digital Bait
The syndicate ran paid advertisements on internet platforms and social media, specifically targeting users in the US and Europe . The ads displayed toll-free numbers under the guise of legitimate technical support services—for well-known software companies, antivirus providers, or operating system developers .
Stage 2: The Call
When foreign nationals called the displayed numbers, the calls were routed through specialised calling software installed on the accused’s laptops . Posing as technical support agents, the fraudsters would claim that the victim’s computer or device had been hacked .
Stage 3: The “Hacking” Simulation
To make their claims appear genuine, the accused used a novel and terrifying tactic. Using screen-sharing applications (like AnyDesk or TeamViewer), they gained remote access to the victim’s system and deliberately turned the computer screen black .
To the victim, it looked exactly like a cyberattack in progress—their screen was black, an “agent” was on the phone claiming they were hacked, and panic was the intended result .
Stage 4: Financial Assessment and Extraction
Once the victim was sufficiently terrified, the fraudsters assessed their financial status by checking the victim’s willingness to pay and asking leading questions .
- Low-Balance Victims (Under $2,000): Forced to pay amounts ranging from $350 to $2,000 as “security” or “repair” charges .
- High-Balance Victims: Calls were transferred to senior members of the gang who continued the psychological manipulation to extract significantly higher payments .
Stage 5: Laundering via Cryptocurrency
To avoid detection, the fraudulently obtained money was converted into cryptocurrency and later distributed among the accused .
The Arrests: A Sophisticated Operation
The four individuals initially arrested were identified as :
| Name | Age | Residence |
|---|---|---|
| Mohammad Bilal | 26 | Adarsh Nagar, Delhi |
| Dev Kapahi | 25 | Adarsh Nagar, Delhi |
| Abhishek Mukheja | 27 | Bhiwadi, Alwar, Rajasthan |
| Kushagra Nimbekar | 24 | Rohini, Delhi |
Deputy Commissioner of Police (Cyber Crime) Shavya Goyal noted that the accused were not petty criminals. They were “well educated and fluent in foreign accents,” which helped them easily gain the trust of international victims . Police suspect that one of them might have been part of a larger syndicate previously, as the technical sophistication and operational scale pointed to prior experience .
Recovered Items (Initial Raid):
- 4 Laptops
- 8 Mobile phones
- 4 Headset-microphone devices
- 2 Routers
Following the initial arrests, police expanded their investigation, identifying and apprehending an additional 12 individuals connected to the same network—including handlers, cryptocurrency facilitators, and those responsible for running the digital advertisement campaigns targeting foreign nationals. In total, 16 people have been arrested in connection with the racket.
The Larger Context: Noida’s Cybercrime Crackdown
This arrest is not an isolated incident. It is part of a broader, sustained crackdown on cybercrime in the Noida-Greater Noida region.
Between January 1, 2023, and March 27, 2026, the Noida Cyber Crime Branch arrested 1,692 cybercriminals and recovered over ₹68.3 crore for victims of digital fraud . During these operations, a total of ₹139.5 crore was frozen, out of which ₹68.3 crore was successfully returned to victims .
The scale of operations over the past three years and the involvement of inter-state networks indicate that cybercriminals are now targeting citizens in more organised and sophisticated ways . The Noida police commissionerate has emphasized that timely reporting of cybercrime cases is extremely important , urging citizens to immediately report any cyber fraud by calling the National Cyber Crime Helpline 1930 or filing a complaint on the official portal www.cybercrime.gov.in .
Why This Matters for India’s Startup Ecosystem
The Noida tech support racket bust carries several important lessons for India’s legitimate startup ecosystem:
1. “Startup” is not a License to Operate Unregulated
The accused operated what was, in effect, a fraudulent “tech support startup”—complete with a team, infrastructure, and a digital marketing strategy. This highlights the need for stricter verification mechanisms for IT service providers, particularly those offering remote support and handling sensitive customer data .
2. Compliance is Critical
Legitimate startups must adhere to legal and regulatory frameworks to build credibility. The absence of governance and oversight creates a vacuum that fraudulent actors exploit .
3. Cybersecurity Safeguards Must Be Built In
The scam relied on exploiting victims’ lack of cybersecurity awareness. For legitimate startups, this is a reminder that security is not just an internal IT issue—it is a product feature. Building trust requires transparent security practices and educating users about what legitimate support looks like .
4. Trust-Building is a Competitive Advantage
Incidents like this erode public trust in digital services. For genuine startups, prioritising transparency, ethical operations, and clear customer communication can become a significant differentiator .
5. The Government is Watching
The sustained crackdown by Noida Cyber Crime—1,692 arrests in just over three years—demonstrates that law enforcement is becoming more sophisticated in tracking and prosecuting digital fraud . Startups operating in the grey zone, or outright fraudulently, will face severe consequences .
The Road Ahead: What Founders Can Learn
For founders building legitimate tech ventures, the Noida scam offers several actionable lessons:
| Lesson | Actionable Takeaway |
|---|---|
| Transparency Builds Trust | Be clear about your data handling practices. Do not use fear tactics to upsell services. |
| Compliance is an Asset, Not a Burden | Register your business properly, adhere to IT rules, and be ready to demonstrate compliance. |
| Cybersecurity is Your Product’s Foundation | Invest in secure infrastructure. If you offer remote support, use legitimate, verifiable access protocols. |
| Customer Education is Part of Your Mission | Legitimate tech companies often provide resources to help users identify scams. This builds brand loyalty. |
| Cooperate with Authorities | If you detect fraud on your platform or using your brand name, report it to the Cyber Crime Branch immediately. |
The Final Word
The bust of the fraudulent tech support racket in Noida, with the arrest of 16 individuals, is a powerful reminder that India’s digital ecosystem is still maturing. While the country celebrates its unicorns and startup success stories, it must also reckon with the darker side of unregulated tech ventures.
For legitimate entrepreneurs, this incident underscores the importance of responsible innovation and governance. Building a startup is not just about growth metrics and funding rounds—it is about building trust, ensuring compliance, and contributing to a safer digital environment for everyone.
As the Noida Cyber Crime Branch continues its crackdown—with 1,692 arrests in just over three years—the message to fraudulent operators is clear: you will be caught. And the message to legitimate founders is equally clear: compliance, cybersecurity, and transparency are not optional—they are the price of entry into a sustainable, scalable business .
