ADVERTISEMENTREMOVE AD

Scammed & Jailed: How a Czech Man's Mission to Catch Indian Scamster Went Wrong

India's cybercrime portal is inaccessible outside the country, leading to consequences for foreign victims.

Published
story-hero-img
i
Aa
Aa
Small
Aa
Medium
Aa
Large

In September 2021, Peter Kasparek, a game developer, first connected with ‘Ayan Bose’ or ‘Anay Basu’ via Facebook to create animations for a video game. He paid $450 to Bose, the advance payment of a total $1,500 fee, to get the work started.

But soon after Bose got the first installment, he ghosted Kasparek. And on 22 December 2021, he blocked him.

One year later, Kasparek, who's a Czech citizen, found himself in Central Jail in Bihar's Motihari. He is out of the prison now – and back in his country of residence, the UK – but he says, 'Such missteps can be avoided if India had a provision to submit crime complaints from abroad'.

This is the story of Kasparek and other foreign nationals who become victims to online scams in India, but due to India's online cybercrime reporting portal remaining inaccessible outside India, face serious consequences. 

The cases involving foreign victims scammed by India-based scammer fly under the radar of a justice process not designed to deal with internet-enabled crime where anonymity is easy – and the victim and the perpetrator are not in the same jurisdiction. In search of restitution, some victims make it their personal mission to nail the online scammer. But it is a futile exercise.
ADVERTISEMENTREMOVE AD

Kasparek’s Story

Bose's modus operandi is simple. He claims to be a former animator with Disney and Pixar, and posts compilations of eye-catching animated reels allegedly stolen from professional animators to fraud people.

A few months after Kasparek was scammed of $450 by Bose, he found he wasn't the only victim. Bose has allegedly defrauded victims of over Rs 20 lakh via Facebook.

At least 20 victims, including Kasparek, then created a Facebook group in April 2022 to warn potential victims, and to collate evidence to get Bose arrested. All the victims are based outside India, mostly across Europe and the US.

Almost a year after he was defrauded, Kasparek was visiting his fiancée in Nepal. It was January of 2023. He decided to file a physical complaint with the police in India – and went to Kolkata since the scammer’s bank address and social media pictures pointed to the West Bengal capital.

Kasparek says, “He was misinformed about the need for a separate Indian visa. His passport was checked twice before entering India, and no officials halted him”.

On 7 January 2023, Kasparek went to the Kolkata Cyber Crime Police Station, in Lalbazar, to file a complaint against Bose. 

“I spent about three hours with six police officials, providing comprehensive evidence against the scammer on behalf of other victims. The police were polite and seemed interested in the case. Once I left the police station, I was even called back to the station and asked more questions.”
Kasparek

Kasparek shared a picture of a police officer's name and number from Kolkata cyber police – Sub Inspector Kuntal Siddharth.

When this reporter called the number, the person who answered the call did not want to confirm his identity, but over a year later, he still remembered Kasparek's case. He said the matter was forwarded to the anti-fraud division of Kolkata Police – and that this was communicated to Kasparek over call. The progress of the case cannot be divulged to anyone but the complainant, the person on the call added.

Kasparek says when he had previously checked for case progress, “They said I need to file a complaint with some other division. So obviously nothing has been done about it”.

The Twist

A few days after visiting Kolkata cyber police, events turn dramatic.

Kasparek was apprehended at the Raxaul border on 10 January 2023 while leaving India on the grounds of not having a valid visa to enter and stay in India. He was sent to Bihar’s Motihari jail where he spent approximately 11.5 months in jail. 

During his stay in the prison, Kasparek says he lost 20 kilos.

On 23 December 2023, his lawyer signed papers for Kasparek’s bail, allowing him to travel and stay in Delhi until his lawyer appealed and got him off the hook.

Finally on 21 June 2024, Kasperek says he was acquitted and ordered to be deported out of India.

While awaiting acquittal, he stayed in Delhi’s Laxmi Nagar, an “overcrowded hellhole”. When his passport was returned, it was damaged and had to be replaced.

One has to wonder if $450 was worth nearly a year in jail.

In May 2024, when Kasparek got respite from jail, he emailed a complaint to another division of West Bengal police that he found via Google but received no reply. Kasparek is certain it was the right email address since it was “listed on a government website along with cybercrime departments in other states”.

Kasparek also filed a complaint on cybercrime.gov.in. Four minutes apart, the online portal sent automated emails, saying the grievance’s status was ‘Accepted’, and in the next email that the grievance was ‘Closed’.

Kasparek, now in the UK, shared a screenshot of how the cybercrime.gov.in portal doesn’t load for him outside India. “Even if I used VPN, I can’t lodge a complaint because it doesn’t accept any other number but Indian”.

The cybercrime.gov.in FAQ asks to register on the portal using a “valid Indian number”. The portal has a checklist for a complainant which includes softcopy national ID – Voter ID, driving license, passport, PAN, Aadhaar – all geared towards receiving complaints only from Indian residents. This is unlike other countries, including the US, the UK, Australia, and Nigeria. 

Cybersecurity investigator Ritesh Bhatia tells The Quint blocking India's cybercrime reporting portal outside the country is “illogical". 

"A determined hacker could easily bypass the restriction by using a Virtual Private Network (VPN) and selecting a server with an India-based IP address. If there are concerns about the portal being hacked, a separate section could be created specifically for those outside India to report cybercrimes,” he explains.

What if spam increases when the portal is opened to the entire world? Bhatia says spam is inevitable in any system. “Surely the current portal already deals with them”.

Bhatia raises several important questions: What if tourists only realise they were scammed after leaving India? Or an Indian while abroad is defrauded by someone based in India? What about a digital nomad who becomes a cybercrime victim while in India but only discovers it after reaching another country that isn't their country of citizenship? “How are these people expected to report their cases?" he asks.
ADVERTISEMENTREMOVE AD

The Mission Continues

After his attempts to complain about the fraud failed, Kasparek is now using a fake Facebook profile to goad the scammer and gather enough sensational footage for a documentary exposé.

Kasparek and other victims have identified multiple aliases for Bose. He further alleges Bose has been keeping track of him. Having somehow learned of Kasparek’s incarceration and release on bail, Bose began harassing him with calls and messages, threatening police action, and even making life threats against Kasparek’s fiancée in Nepal.

Kasparek goes by the name Eduardo Lopez on Facebook. A profile named ‘Luke Greenway’ comments at least 40 times on one post by Kasparek. He is certain it is Bose.

“Keep trying. So, your CBI not working anymore? NIA? Lalbazar? National Cybercrime? All failed?” reads one comment. Another comment says, “I ripped off …[Kasparek] and then I tipped off the immigration department. I jailed him for 11 months. Who is the winner?” A reverse search of the profile picture for ‘Luke Greenway’ points to a 2018 video on Vimeo. Luke Greenway’s profile picture is actually a still from a video interview of Alex Sherwood, CEO of an animation studio named Giantanimation.
ADVERTISEMENTREMOVE AD

Other Victims of the Same Scam

Aspiring filmmaker Dan Ramm in Connecticut had contacted Bose in December 2022 to get a reel done. It cost $750 and by “some magic”, although the reel had been downloaded off the internet, the reel Bose delivered had worked for Ramm. So, when Ramm was working for an NGO that worked with child cancer patients in April 2023, he spent a $1,000 of the NGO’s money on Bose to create a video animation of a little girl with cancer growing up into an adult. Bose never delivered the work.

“Later I found out Bose was a scammer…I do feel bad about wasting an NGO's money because of my stupidity,” he tells The Quint.

Ramm had learnt from other victims in the Facebook group tracking Bose that he should file a complaint at his local police in Connecticut. “But you know it’s the internet and he [Bose] is in another part of the world. I know it’s not the biggest amount of money to lose, but I would still love to get that $750 back”.

Eddie Yaroch based in San Diego signed a contract with Bose to make an animation reel in May 2022. “Bose had insisted on using a debit card, but I luckily didn’t have that in my account, so I used my credit card to send over $1,620 [first installment of a $4,000 total fee] to get the work started”. Then Yaroch was gradually ghosted by Bose. Yaroch was among the fortunate who was able to get the credit card payment reversed, so technically lost no money.

“Ayan [Bose] is convincing, personable, and a master manipulator. The contract went into pages of detail, containing terminology like colour grading, compositing, overlaying only an animator would know,” he says.

“I made online complaints to the FTC [US Federal Trade Commission], and the San Diego police fraud division but I didn’t hear back… Not really expecting anything at this point”.

UK citizen Lee Lawson based in Estonia contacted Bose via Facebook in November 2019 to make an animation reel after seeing the demo reels Bose posted on Facebook. By early January 2020, Bose had gradually ghosted and blocked Lawson after that first installment of $1,320, of a total fee of $4000, was paid.

“I am an amateur filmmaker. He is preying on the fact that we have little money, starting small. He knows that it is difficult to verify his work is stolen. The original animator doesn’t seem to care it was stolen. The police don’t care. Nobody cares. I’d like to see him go to jail for what he’s done, but I don’t think that will ever happen.”
Lee Lawson

The ubiquity of the internet makes it complicated for victims. They don’t know what kind of crime this is and whom to report it to. 

ADVERTISEMENTREMOVE AD

Lawson asks, “I’m not even sure if this is cybercrime…Is this cybercrime? We tried speaking to lawyers in India who said it is difficult to build or win such a case. Every group we approached for help ended up with ‘somebody needs to come to India and file a police report’, and none of us live in India. Peter was the closest one when he was in Nepal”.

Lawson understands why seeking restitution is an uphill battle. “We have found about 20 victims, when you add it up it’s a large amount, still not huge like in romance scams or pig butchering”, where one victim may lose hundreds of thousands of dollars.

That right there is the problem. The amount is simply too small and too trivial, with the victims spread across multiple jurisdictions. Most of the victims, barring Kasparek who paid a hefty emotional price, have largely forgotten about it and reluctantly moved on.

Scammers Steal Small Amounts to Stay Under the Radar

  • The Hindu reported that in India, “Citizens are losing anywhere between Rs 1.3-1.5 lakh to cyber criminals every minute in India.”

  • Australia’s official cybercrime site shows in 2024, there were 288 cases of Remote Access Scams like ‘IT Support’ with a loss of 1,613,805 million Australian dollars. This averages out to 5,604 Australian dollars or Rs 3,16,270.

  • The UK official cybercrime statistics for 2024 says, “The average (mean) annual cost of cybercrime for businesses is estimated at approximately £1,120 per victim (this excludes crimes where the only activity was phishing).” That’s about Rs 1,22,861.

  • In a 2022 report, the Federal Bureau of Investigation notes, “Call centers overwhelmingly target the elderly, with devastating effects. Almost half the victims report to be over 60 (46%), and experience 69% of the losses (over $724 million) …The scams primarily emanate from call centers in South Asia, mainly India”.

US-based security professional Ronnie Tokazowski helps victims hit by scammers. “Many of the victims we see are elderly, retired and on fixed income... some won’t even have any money for food the next day. Many scammers believe victims get their money back to justify their behaviour. In 90 percent of the cases, victims don’t get their money back.”

He adds that he has seen India-based scammers steal a couple of 100 dollars reaching $500,000 loss in extreme cases. The “India tech support scams” average a loss of $1,000 per crime. The law enforcement won’t have the manpower to go after each case when cybercrime is this rampant.

These crimes where a smaller amount of dollars is lost form the largest accumulated category of loss, Tokazowski explains.
ADVERTISEMENTREMOVE AD

Scam Baiter at Work

This reporter met an India-based scam baiter. He focuses on India-based scammers targeting victims outside India. Many of the victims are US-based, he says.

He is wary of sharing his identity and location. It is illegal to hack into computers but that’s how evidence is gathered; first by learning of scams on online forums, then finding and hacking into computers of potential scammers. When he gathers enough evidence, he reports it to police.

On an average, he sees a victim lose more than $5,000 to a scammer. In the four years he has been active, he recalls only one case where a victim recovered their money.

The scam baiter shared some footage of scammer’s computers. The footage shows how these scammers put intense emotional pressure on victims for days, alleging the victim’s bank account was used to pay for pornography and pushing victims to secure their money by depositing their money in an encrypted wallet the scammer provides, among other scam tricks. The anxiety and anguish in these victim’s voices also captured in the footage is sometimes hard to hear. 

In the meantime, law enforcement only seems to focus on chasing the bigger losses, and not the moderate ones.

One reason is insufficient police personnel with the right training. The Bureau of Police Research and Development’s Data on Police Organisation states, as of 1 January 2023, “16,859 police personnel are actually deployed in CID/Crime Branch against the sanctioned strength of 26,122”.

The scam baiter said in 2020, he had pointed police to a scam ring in Guwahati where there had been eight scammers. But police had been able to find links to and arrested about 200 scammers. “So I know the police are capable but there is lack of skilled personnel able to carry out forensic investigations to address each crime. I had gathered a lot of evidence about a scam call centre. Police only conducted raids this October, more than a year after I alerted them”.

Another reason is the cost of conducting an investigation. Most cybercrime involves a victim, and a perpetrator based in separate jurisdictions. Estimate cost per investigation officer spending a week to deal with a cybercrime where victim and perpetrator are in separate states starts at Rs 30,000-40,000.

ADVERTISEMENTREMOVE AD

So, What Needs to Change?

Pravin Kalaiselvan is a cybercrime investigator and founder of NGO Save Them India Foundation that raises awareness against financial scams.

“We need to keep educating everyone in any country on how and where to file a cybercrime complaint. Peter Kasparek and many other victims had complained to our foundation about the same scammer. But attention was diverted once Peter was arrested”. 

Kalaiselvan’s experience is that police in India will act on complaints about scammers in India that target foreigners, with a caveat.

“It is just that someone must be physically present in India to follow up on the case. I suggest victims in other countries file a case in their jurisdiction either online or offline, use a copy of that complaint to show to police in India via somebody present here in India that they trust. Else with the high rate of cybercrime, without the victim's persistent follow up and escalation to senior officers if junior officers are not working, it is difficult to ensure your case will be investigated”.
Pravin Kalaiselvan

Cybersecurity investigator Bhatia’s own deaf and mute sister was a victim of a UPI scam.

The case remains unresolved even after four months, despite his extensive industry experience and connections with senior police officers. “If it has been this difficult for me, how can an ordinary person, especially someone living outside India, navigate the reporting process? Expecting victims to visit Indian embassies or file reports with local police [in their own country] for a few hundred dollars is simply impractical."

And that’s the caveat that must change, at least a little.

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)

Speaking truth to power requires allies like you.
Become a Member
×
×