Safeer Mohammed Koorimannil said he had four days to make each victim fall in love. Trafficked to a scam center in Myanmar, he said he impersonated a 28-year-old Singaporean woman named Ella and chatted with more than 100 people across dozens of profiles at the same time on a typical shift, while supervisors prowled among the desks with electric batons. In just a month, he targeted some 50,000 victims from at least 17 countries, according to records he smuggled out to The Associated Press. He said, “Everyone is a robot there.”
That line lands like a hammer. The people at the bottom were forced to perform fraud under threat, while the machinery above them — American tech, satellite networks, and the companies that profit from both — kept the whole racket moving.
Who Gets Worked Over
Koorimannil’s targets included a widowed tailor in Kurdistan, a pastry chef in Turkey, a sheep farmer in Kyrgyzstan, soldiers in Iraq, an engineer in Russia, a building painter in Germany, a port officer in Argentina, a student in Indonesia, a security guard in Poland and a dairy farmer in the Republic of Georgia. The AP/"FRONTLINE" investigation found that technology from American companies is being used to power a revolution in the scam industry, playing a key role in the industrialization and globalization of fraud.
Watchdogs said these companies have the technical capacity to do more to protect against abuse but lack the legal, regulatory and business incentives to crack down on a crime the Federal Trade Commission estimates cost Americans nearly $200 billion in losses in 2024. The infrastructure exploited to commit fraud begins much farther upstream than the social media platforms victims see, with American technology present all along the digital supply chains that connect scammers with the scammed, from AI models baked into powerful new tools to optimize workflow and create more perfect fakes, to satellite dishes that help scammers evade internet crackdowns, to internet service providers that carry traffic from the lawless borderlands of Myanmar to the phones and computers of millions of victims.
The AP found no evidence to suggest these companies were doing anything illegal themselves. But the abuse of their tools and tech infrastructure at scam compounds in Myanmar, as documented by AP and "FRONTLINE," raised questions about how vigorously they are enforcing their own terms of service, which prohibit illegal activity and, in many cases, explicitly ban fraud.
The Machinery Above Them
Among the findings, American-made AI models — chiefly ChatGPT and Gemini — were used to build specialized software that allowed scammers to work across dozens of languages, surveil workers and target victims around the world, with help from C4ADS, a Washington-based nonprofit focused on global security. Scammers who purchased these tools took in tens of millions of dollars, according to blockchain analysis by TRM Labs at the request of AP/"FRONTLINE." A sophisticated, global internet infrastructure supported Myanmar’s scam compound economy, which relied on services from Cogent Communications, AT&T, DigitalOcean and Oracle, among others.
One in five signals from devices at four scam compounds linked to sanctioned entities in Myanmar was carried by a U.S.-registered company, according to an AP analysis of more than 200,000 device connections provided by International Justice Mission, an anti-trafficking nonprofit. Elon Musk’s satellite internet company, Starlink, was the number one internet service provider in Myanmar, including to scam centers, according to device data, public records and interviews, despite public pressure from Congress and a widely publicized crackdown last fall.
At least 25 new scam compounds had been built deep inside Myanmar since a high-profile crackdown along the Thai border last fall, new satellite imagery showed. Scammers from at least 13 of these outposts used Starlink IP addresses to get online between early March and the end of May, an AP analysis of device and satellite data from International Justice Mission showed. The AP/"FRONTLINE" investigation was based on tens of thousands of leaked scam center files, videos and photos; an analysis with C4ADS of misuse of AI at scam centers; an examination of more than 200,000 connections made by devices over a year at four scam compounds in Myanmar linked to entities sanctioned by the U.S. government; and interviews with 58 scam victims and three dozen current and former scammers from 19 countries.
Cybersecurity experts said internet service providers, AI companies and Starlink could do more to prevent the abuse by scammers, but lack the legal, regulatory and business incentives. Sascha Meinrath, the Palmer chair in telecommunications at Penn State University, said, “If there’s no disincentive to continuing this, if there’s no cost to actually facilitating scamming, then why would I spend a dollar to prevent scamming? This is the problem. It’s identifiable, it’s addressable — at least somewhat — but it costs something. And right now the cost of facilitating scamming is zero.” Outside the United States, that cost is starting to rise. The United Kingdom, the European Union, Australia and Singapore have introduced new regulations that require companies to do more to prevent scams — or face financial penalties.
What the Powerful Say They’re Doing
In Washington, lawmakers and government officials have been asking American tech companies to cooperate to cut scammers off from U.S. infrastructure, but on a voluntary basis. In November, District of Columbia U.S. Attorney Jeanine Pirro created the Scam Center Strike Force to target scam compounds. In a four-day exercise in May, the Strike Force worked with Meta, SpaceX, Google and others to disrupt more than 1.4 million social media and email accounts, interrupt malicious IP address traffic, seize satellite internet terminals and decommission servers and hosting infrastructure linked to Southeast Asian scam networks.
Pirro said in an email to AP, “We will not allow criminal organizations to weaponize our own infrastructure against us or devastate the life savings of hardworking families. Our message is clear: we will find you, we will stop you, and we will protect the American people.” OpenAI and Google both said they have robust programs in place to proactively disrupt scammers from abusing their tools. Starlink did not respond to detailed requests for comment. Internet service providers said they can’t see the content their networks carry or what end users are doing online, citing privacy by design, and said they respond to valid abuse reports and cooperate with law enforcement.
OpenAI said that based on the information AP shared, it identified and banned three accounts that had been using its models to support online scams. Oracle said it was “diligently working with law enforcement” on the material shared by AP. UpCloud, a Finnish cloud services provider with servers in the U.S., said AP’s query had prompted an internal review and refinement of its risk assessment processes.
OpenAI CEO Sam Altman has likened artificial intelligence to a utility, akin to electricity or water. Matthew Moynahan, the CEO of GetReal Security, said, “This has to be like clean water. Anything coming out of the tap for an end user, whether that tap is a PC, a browser somewhere, or your mobile phone, dirty water shouldn’t get to you. This is what this is.”
The use of AI in scams is exploding so fast that many in the cybersecurity community fear fully automated scams run by AI agents will soon become commonplace. Ari Redbord, global head of policy at TRM Labs, said, “We’re moving towards a world where maybe you don’t need human scammers anymore. All you need is hundreds, thousands, millions of agentic agents who don’t need to sleep, don’t need to eat, who are 24/7 doing this.” Already, the basic AI-powered tools Koorimannil used required scant human intervention. His job was to cut and paste responses from scripts his scam bosses generated.
Koorimannil and his best friend had answered an ad online for jobs encouraging tourism to Thailand. From the airport in Bangkok, however, a waiting black car sped them to the border with Myanmar, he said, and the next morning armed men escorted them across the Moei River to Tai Chang, a scam compound the U.S. government sanctioned last year. Koorimannil managed to sneak out a screenshot from his computer that AP and C4ADS used to identify the key to his productivity — a software platform called Kongtian Intelligent Customer Acquisition, or KT for short. AP also identified a similar suite of software, called Global Social Traffic Navigation, or 007TG, described by a former scammer as a “one-stop shop” for running scams at industrial scale.
KT and 007TG were part of a thriving gray market for tech that has both legitimate and illegitimate uses and is widely exploited by scammers, according to blockchain analysis, a review of Telegram channels frequented by scammers, and interviews with scammers from three countries. KT and 007TG were created by for-profit businesses using AI models from leading global companies and sold to scammers, who in turn generated tens of millions of dollars in illicit profits. OpenAI’s ChatGPT played the most prominent role, along with Google’s Gemini, though the software incorporated other AI models as well, including from Europe and China. Both KT and 007TG used ChatGPT and Gemini to generate automated replies, power a role-play chatbot that scammers could use to develop convincing characters, and embed real-time translation in over 100 languages, C4ADS found. KT and 007TG software also tracked the performance of workers, to devastating effect in Koorimannil’s case.
He was beaten for being bad at scamming people, leaving his body red and swollen with lashes, photographs show. “When they came near my computer, my hands would shake and sweat,” Koorimannil told AP. At night, he said, he and his best friend curled in the same narrow bunk, too frightened to sleep alone. In the end, through a connection in Bahrain, Koorimannil and his friend found a broker who oversaw ransom payments for 21 Indians from their compound, he said. They each had to pay 500,000 Indian rupees ($5,300) for their freedom.
Chris Colocousis, a divorced man in his 60s, said he first saw only that the woman who reached out to him on Facebook had a New York phone number and said she worked at a well-known financial firm in Atlanta. “Eliza” suggested a video call, and there she was — the same blond beauty as in her Facebook photos, with little bags under her eyes. He said she was too real not to be real. Now Colocousis has no idea where “Eliza” really is, whether he was talking with her or with ChatGPT, or even if she’s a she. He said the $400,000 he “invested” under Eliza’s guidance is now gone, robbing him of the secure retirement he’d spent years working for. “You just feel like your whole world fell apart,” he said. “I’m thinking about all this time that I invested into reaching a point where I could retire at a certain age — and it’s just gone.”
On Jan. 25, 2025, Colocousis laid out $80,000 cash in neat rows on his table, just as the customer service representative at his crypto trading app had instructed. Eliza had told him if he just paid this last bit, he could unlock his funds and withdraw all his money. “I will tell you that I feel a little uneasy but I know you keep telling me it’s ok,” he messaged her. She responded instantly with a string of kiss emoji. The next morning a young man, who Colocousis said showed up in a Jeep with New York plates, trudged across a thin layer of snow to his doorstep. Once inside, the man — who said his name was Vincent — told Colocousis to put the stacks of $50 and $100 bills in a plastic shopping bag. Vincent sent a message and the money instantly appeared in the fraudulent crypto trading account Eliza had helped Colocousis open, he said. Vincent left with a big smile and a quick, amiable wave. “See you next time,” he said. “Maybe. OK. Bye-bye.” Colocousis said he is still so shaken that he sometimes has trouble leaving his house. “The greed is --,” he said. “I’m all for capitalism, but when it’s totally ruining people’s lives, people that have worked their whole life towards a goal so that they don’t have to work anymore, only to have it just ripped out of their chest — you know, something’s wrong.”
Today, Musk’s Starlink satellite service is the most widely used internet provider in Myanmar, including at known scam compounds, AP found, despite an ongoing congressional investigation, a November order from a U.S. court to seize Starlink accounts from specific Myanmar scam compounds and announcements in October and June that Starlink had cut service to thousands of units around scam centers. Sen. Maggie Hassan, a New Hampshire Democrat who is leading a bipartisan congressional investigation into the role Starlink and other companies play in the surging losses of scam victims in America, said in an email to AP, “We need to do more at every level to combat the scams that are plaguing Americans across the country. Given that SpaceX’s Starlink is the first choice of satellite internet technology for many scammers, cutting off scammers’ access to Starlink is a key way to prevent scams at the source.”
To be sure, Starlink has been a lifeline for schools, humanitarian groups, hospitals, media and more in Myanmar, according to Amnesty International and others. But data from the Asia Pacific Network Information Center indicates that scammers represent a disproportionate share of its user base. Myanmar has become a haven for industrial-scale scam compounds, which have drafted some 300,000 people from dozens of countries, often against their will, according to the United Nations. One of those compounds is Deko Park, a conglomeration of big, blue-roofed buildings dotted with white satellite dishes near the Thai border.
Data from a sample of devices at Deko Park, provided by International Justice Mission, showed Starlink among the top internet service providers in use from Dec. 10, 2025, to Jan. 6, 2026, just after two regional telecom companies. An Ethiopian engineer named Ebisa said he used Starlink at Deko Park from December 2024 through December 2025, when he managed to escape. He asked AP to only publish his first name because he wants to protect his privacy. Ebisa’s job was to collect the WhatsApp numbers of rich, vulnerable men. He said he was constantly punished — beaten, shocked, detained and forced to exercise for hours at a time — for failing to meet impossible performance goals. One day, he said, he got fed up and tried to evade a beating. He didn’t get very far. He said the security guards at Deko Park beat him so badly he was blinded in one eye. Photographs show his eye injuries and AP spoke with an NGO who helped him seek medical care in Thailand. He said, “It was hard to survive. Finally, God helped us out from that hell.” Speaking from a shelter for human trafficking victims in Thailand in December, he said he wanted to get his eye fixed before going home because his mother’s health is fragile and he worried the sight of his injury might kill her. “It’s very shameful,” he said. “If God helps me, if I get medication, maybe I can get back my eye.” He later told AP from his home in Ethiopia that doctors had informed him they could not save his eye. “It’s been a tough reality to face,” he said. “They told me that it’s too late to bring back my sight.”
A Nigerian who was also tricked into working at Deko Park, Obinna Okeadu, never made it back home, according to three co-workers, a human rights activist and reports from his family back in Nigeria. On the afternoon of Oct. 28, 2025, Okeadu and his roommate, Ogbonnaya Tochukwu Agwu — known as Valentine — came off an unsuccessful overnight shift and were called out for punishment. Back in their dorm room after the beating, Valentine watched as Okeadu began to tremble uncontrollably. Okeadu slid to the ground with a thud, his head lolling strangely, with sharp, anguished sounds rising from his body. “It’s OK,” a friend told him softly. “We’re here.” But Okeadu was not OK. “I’m going to die like this,” Okeadu called out, according to Valentine. Valentine said Okeadu was taken away, presumably to a hospital. He prayed for his friend. But the next day, Okeadu’s computer disappeared and his name was deleted from work chats. Valentine never saw him again.
This kind of abuse, and the swelling cost of cyberscams to victims around the world, has led to periodic crackdowns. In early 2025, Thailand temporarily cut off internet connectivity, electricity and gas supplies to scam compounds just over its border with Myanmar. Starlink was a way around the blockade at the time. Satellite dishes proliferated on the rooftops of scam centers in Myanmar, satellite imagery showed, and Starlink usage in Myanmar surged, according to APNIC data. In April 2025, as the United States prepared sanctions against foreign scam networks in Southeast Asia, SpaceX reassigned IP addresses from Tanzania to create a dedicated block for Myanmar. By June 2025, Starlink was the number one internet service provider in the impoverished, war-torn country, with a 14% share of the market, according to APNIC data. In October, amid another sweeping crackdown, Starlink said it cut services to more than 2,500 units near scam compounds in Myanmar. It lost nearly half of its users in the country and its market share plunged from 15% to 6.5%, according to APNIC data. But in December, Starlink use surged back, and by February, the company was again number one in Myanmar. Today it has a nearly 20% share of the market, APNIC data show.
SpaceX’s October service cuts demonstrated that the company can sever scam centers from its satellites when it wants to, and showed just how important the criminal networks that pay for scam center infrastructure have been to its user base. According to Starlink’s own coverage map, it does not sell services in Myanmar. AP asked Myanmar’s ruling military government whether Starlink was legally authorized to work in the country but got no response. Starlink also declined to respond to detailed requests for comment. But in public comments, Lauren Dreyer, vice president of Starlink business operations at SpaceX, said Starlink has “zero tolerance” for abuse. “We proactively detect and disable terminals involved in illegal activity,” she said in a June statement about the company’s work with the Scam Center Strike Force. “Through collaboration with law enforcement and technology companies, we advance global anti-scam efforts and ensure Starlink remains a force for good.”
Yet Starlink’s service cuts have not stopped scammers, not even from one of the most high-profile scam compounds in Asia, KK Park. In October, in response to growing international pressure, Myanmar’s military government began demolishing the compound and broadcast images of dozens of seized Starlink terminals. But when the scammers scattered, they brought their tech with them. By January, at least seven devices used at KK Park had migrated to a new compound some 30 kilometers to the northwest, near Hpakalu, according to International Justice Mission, which tracked the devices using ad tech data. Eric Heintz, a global analyst at IJM, said, “These new compounds are showing up in the middle of nowhere and they’re walled multibuilding complexes with a bunch of these terminals on the roof. You should be able to shut them down, and there should be a paper trail for who’s paying the subscriptions for them.” Heintz identified at least 25 new sites in Myanmar that have appeared or grown significantly since the crackdown last fall. Satellite imagery, verified by AP, showed empty fields transformed into industrial-scale office parks in just a few months and new roads cut through thick trees. White satellite dishes dotted the rooftops of some of them, and geolocated device data showed that scammers from at least 13 were logging on just as they did before, with Starlink.