Declining unknown calls with fishy phone codes or deleting spam about free stock market information sessions has become as routine as picking up the phone or scrolling online.

According to Minister of State for Communications and Rural Development Dr Pemmasani Chandra Sekhar, the National Cyber Crime Reporting Portal (NCRP) recorded a 42% rise in cybercrime complaints in 2024, reaching 22.68 lakh cases. In the first five months of 2025 alone, Indians lost nearly ₹7,000 crore to online scams. NCRP data shows that in 2024, over ₹22,811.95 crore were lost to such digital financial frauds, a 206% jump from the year before.

Cybercrime can be classified by activity or mode of transmission such as those occurring online, via calls, or messages (smishing or phishing, where attackers impersonate others).

However, while personal judgment is the first line of defence against spammers-turned-scammers, there is often a need for objective safeguards to prevent such cases.

Further, this is required because, the wireless subscriber base in the country continues to grow incrementally. It reached 1,170.88 million in June 2025. As a result, the urgency of introducing stronger safeguards for users has only increased.

Vikram Babbar, Partner, EY Forensic and Integrity Services – Financial Services, EY, reveals that most of the cybercrime frauds today are leading to financial losses to users/ customers and to financial institutions.

“Customers are either lured into or forced to part money through a fear mechanism. It is later identified that they are part of a scam or fraud,” says Babbar.

“Given the rising incidences of digital frauds especially on vulnerable segments like elderly citizens, students, etc. it is imperative not only for banks but also Telecom Service Providers (TSPs) to protect customers through real-time detection,” adds Babbar.

What are Telecom Service Providers doing to help customers combat digital frauds?

In this regard, TSPs like Airtel, Vodafone Idea (Vi), and Jio have begun rolling out initiatives and awareness programs aimed at tackling financial fraud directly at the telecom level.

Messages with external URLs, APKs, or OTT links are now permitted only if pre-approved and whitelisted by Principal Entities (PEs), with predefined telemarketer chains to ensure accountability, any mismatch leads to blocking, one of the TSPs revealed.

“When a user clicks a flagged link, they are redirected to a warning page. This solution is seamlessly embedded in Airtel’s mobile and broadband network,” an Airtel spokesperson told Fortune India.

Airtel and Vi have been using AI-based spam detection solutions for identifying spam and fraudulent activity on calls and SMS. While Vi rolled out this service in December last year, Airtel was the first to roll out this service in September.

How these system work?

The systems use deep learning on millions of examples, combining predictive algorithms, pattern recognition, and automated rules to detect phishing links, unauthorised promotions, and identity theft attempts.

Risky messages are immediately flagged as “Suspected Spam,” while the model continuously adapts to emerging fraud trends, providing evolving protection.

“The solution operates at the network level and is auto activated for all customers. This means it provides a universal layer of protection without the need for users to download an app. The AI-powered system works in real time, serving as a dual-layer filter for every call and SMS that enters the network,” the Airtel spokesperson added.

For Airtel, the AI algorithm evaluates over 250 parameters to identify suspicious behaviour. The spokesperson clarified that the system does not read the content of the messages, but analyses patterns and anomalies across metrics such as the sender’s usage habits, call and SMS frequency, call duration, and the presence of suspicious URLs, for threat detection.

The system is said to process 1 trillion records on a real time basis, capable of flagging as many as 100 million spam calls and 3 million SMS daily.

“The solution is entirely free for customers and is automatically enabled for all users on the network,” the spokesperson added.

By early 2025, the service for Airtel users was upgraded to detect spam originating from international networks and provide alerts in 10 Indian languages, including Hindi, Tamil, Bengali, and Urdu.

Between January and June this year, Vi has detected and flagged over 450 million spam SMS. Recently Fortune India had reported that, due to these initiatives Airtel has flagged 48.3 billion spam calls, leading to 68.7% reduction in financial losses from cybercrime, and 14.3% decline in overall cybercrime incidents.

By the time of writing, Fortune India had not received any responses from Jio on the scope of their initiatives. A source close to Jio had revealed that the focus has been on awareness programs. Vi is also currently piloting voice spam monitoring.

In such cases, the latest iOS 26 feature of call screening introduced in Apple iPhones are also set to benefit users, which shows users the purpose of incoming calls. Google also has similar spam detection capabilities while third party apps such as TruCaller continue to safeguard individuals.

For all TSPs the approach to the issue has largely been similar. A source close to the Vi told Fortune India that these initiatives are aligned with the government and regulatory body requirements.

Telecom Regulatory Authority of India (TRAI) has embedded these safeguards within TSP operations, mandating phased migration to the 1600-series for BFSI calls, launching the Digital Consent Acquisition (DCA) pilot with banks and TSPs, and introducing header suffixes (-P, -S, -T, -G) to clearly classify message types.

“[We are] partnering with TRAI, RBI, and leading banks on the Consent Registration Function (CRF) pilot, which records user consent data on a Distributed Ledger Technology (DLT) platform, enabling secure, consent-based communication and reinforcing trust between users, enterprises, and telecom providers,” the source added.

However, a service provider like Airtel is set to be more effective due to its access to a larger dataset to train its models, a bigger user base to test them, and the advantage of being an early mover.

How are these efforts coordinated across TSPs and since when have these been in place?

The government has laid the groundwork for cyber fraud prevention by establishing institutional mechanisms and technology guardrails, while TSPs implement these initiatives under directions from the Ministry of Communications, the I4C under MHA, and TRAI.

The I4C was set up in 2018, inaugurated in 2020, and given permanent institutional form in 2024. This was followed by the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS) in 2021 with helpline 1930, saving over ₹5,489 crore across 17.82 lakh complaints. A Cyber Fraud Mitigation Centre (CFMC) was created to coordinate between banks, intermediaries, telecom, IT companies, and law enforcement.

CyMAC was launched in January 2025 to address advanced threats, while the National Cyber Forensic Laboratory and CyTrain portal have strengthened investigation and training. The Samanvaya Management Information System (MIS) platform has enabled data sharing and analytics, leading to over 12,987 arrests and 1.5 lakh linkages. This number is drastically lower than the number of individuals involved in these frauds.

DoT, meanwhile, has built the supporting tech stack. The AI-driven ASTR tool has disconnected 82 lakh fake connections. A robust KYC framework has been put in place, for the issuing of SIMs and their swaps/replacements. Further, the department’s Digital Intelligence Platform (DIP), with 620 stakeholders onboarded, shares data on misuse of telecom resources.

In May 2025, the ministry launched the Financial Fraud Risk Indicator (FRI) with RBI, flagging 3.7 lakh risky numbers, preventing over 3 lakh fraudulent transactions and freezing 1.55 lakh accounts. DoT has also blocked 5.5 lakh handsets, 20,000 bulk SMS senders, 24 lakh WhatsApp accounts, and 26 lakh roaming connections.

International spoof call prevention software has reduced spoof calls by 97%.

In July 2025, the inclusion of National Payments Corporation of India (NPCI) in the Joint Committee of Regulators (JCoR) has added a payments dimension to fraud prevention.

“In a digital first economy, collaboration among financial sector regulators, digital communication regulators and the security agencies become paramount. TRAI appreciates the swift collaboration being facilitated through JCoR in building a reliable and safer communication environment,” said Anil Kumar Lahoti, chairman, TRAI.

What next?

All stakeholders are working toward eliminating telecom-related fraud, and the government is moving ahead with the Caller ID or Calling Name Presentation (CNAP) initiative. Trials were completed in April this year in Haryana and Maharashtra with the participation of Jio, Airtel, and Vi. The rollout is expected to follow a phased approach, beginning with 4G and 5G users.

A source close to Vi revealed however that the CNAP roll out is yet to happen.

For Airtel, the goal is to refine its AI models to enhance the detection accuracy and response speed, as well as focusing on the expansion of vernacular support.

“We are also investing in predictive analytics to anticipate new fraud patterns before they emerge,” Airtel spokesperson added.

While the swift implementation of initiatives by TSPs is commendable, two concerns remain. First, these measures have come relatively late. Cybercrimes surged post-pandemic, but AI-driven safeguards are only now gaining traction. By the time current systems adapt to existing threats, more advanced AI-driven attacks may already emerge. The solution lies in involving more non-TSP and private players, such as Truecaller or Google, to strengthen user protection.

Second is individual privacy. While EY’s Babbar claims that these protection systems extended by TSPs do not hamper personal privacy.

“As far as privacy is concerned, TSPs don't hamper privacy but support in protection. When users accidentally click on suspicious sites/ links, these links attempt to access personal information like DoB, OTPs, account numbers, etc. By blocking such information, users are in fact saved from such an attempt,” he said.

Services like Calling Name Presentation (CNAP) require sharing caller databases with TSPs and even non-TSP entities, increasing the risk of data misuse.