American technology and American companies are being used to power a revolution in the cyberscam industry, and the people getting squeezed are the ones at the bottom of the digital pile. An AP/"FRONTLINE" investigation found that the infrastructure exploited to commit fraud begins much farther upstream than the social media platforms victims usually see. The machinery is built into the supply chains, the networks, the satellite links, and the AI tools that make industrial-scale fraud possible.
Who Pays for the Scam Economy
Watchdogs say satellite internet, AI and internet infrastructure companies along those digital supply chains have the technical capacity to do more to protect consumers, but they lack the legal, regulatory and business incentives to crack down on a crime the Federal Trade Commission estimates cost Americans nearly $200 billion in 2024. The AP found no evidence to suggest these companies were doing anything illegal. Still, the patterns of abuse AP identified raise questions about how vigorously they enforce their own terms of service, which prohibit illegal activity. That’s the neat trick of the system: the companies keep the pipes open, the fraud keeps flowing, and the victims eat the loss.
American AI is being used to scam at industrial scale in Southeast Asia. The AP identified two suites of software used by scammers at compounds in Southeast Asia. OpenAI’s ChatGPT played the most prominent role in these tools, along with Google’s Gemini, though the software incorporated other AI models as well, according to an analysis with security nonprofit C4ADS. The software, which has legitimate and illegitimate uses, allows scammers to work across dozens of languages, generate automated replies, develop credible characters and track employee performance. Scammers who purchased these tools took in tens of millions of dollars, according to blockchain analysis by TRM Labs at the request of AP/"FRONTLINE".
OpenAI and Google both said they have robust programs in place to proactively disrupt scammers from abusing their tools. OpenAI said that based on the information AP shared, it banned three accounts that had been using its models to support online scams. The companies’ statements sound tidy enough. The damage is already built into the business model.
The Networks That Carry It
U.S. internet service providers play an outsized role in carrying scam center traffic. One in five signals from devices at four scam compounds linked to sanctioned entities in Myanmar was carried by a U.S.-registered company, according to an AP analysis of more than 200,000 device connections provided by International Justice Mission, an anti-trafficking non-profit. No other non-regional country came close. Among them were Cogent Communications, Oracle, AT&T and DigitalOcean. Companies outside the U.S. — including UpCloud, in Finland, and GlobalTeleHost, in Canada — also had servers in the U.S. that hosted high-risk traffic from scam centers.
These companies all emphasized they can’t see the content their networks carry or what end users are doing online, describing that as privacy by design that constrains their ability to monitor for abuse. All said they respond to valid abuse reports and cooperate with law enforcement. Oracle said it was “diligently working with law enforcement” on the material shared by AP. UpCloud said AP’s query had prompted an internal review and refinement of its risk assessment processes. The language is polished. The infrastructure still does the work.
Starlink is the number one internet service provider in Myanmar, including to scam centers, according to device data, public records and interviews, despite Congressional scrutiny and a widely publicized crackdown last fall, when the company said it cut off 2,500 kits near scam compounds. Scammers are still using Starlink, including from a proliferation of new sites that have grown inside Myanmar since then, satellite imagery and device data International Justice Mission shared with AP show. At least 25 new sites have been constructed, and at least 13 of them have used Starlink to get online, device data shows. That data covers only a sample and may not capture all Starlink activity at these locations.
Starlink declined to respond to detailed questions, but has publicly said they cooperate with law enforcement — including a crackdown in May with the Department of Justice’s Scam Center Strike Force and other companies — and are committed to ensuring the service remains “a force for good.” The phrase lands like corporate wallpaper over a very different reality: the service remains central to the scam economy.
What They Call Regulation
Critics say that in the U.S. the cost of facilitating scamming is zero. Tech companies have access to a trove of data that could be used to minimize illicit activity, but doing so requires significant investment, cybersecurity analysts say. Sascha Meinrath, the Palmer chair in telecommunications at Penn State University, said, “If there’s no disincentive to continuing this, if there’s no cost to actually facilitating scamming, then why would I spend a dollar to prevent scamming? This is the problem. It’s identifiable, it’s addressable — at least somewhat — but it costs something. And right now the cost of facilitating scamming is zero.”
Outside the United States, that cost is starting to rise. The United Kingdom, the European Union, Australia and Singapore have introduced regulations that require companies to do more to prevent scams — or face financial penalties. Meanwhile, in Washington, lawmakers and government officials have been asking American tech companies to cooperate to cut scammers off from U.S. infrastructure, but on a voluntary basis. Voluntary, of course, means the bosses get to decide whether the rules matter.
U.S. Attorney Jeanine Pirro, who leads a new Scam Center Strike Force that has sought to forge partnerships with industry, said at a recent conference, “The amazing part of this tragedy is that the criminals use our own infrastructure to commit the crime. When fraud is detected, industry must be ready, willing and able to stop it.” The infrastructure is theirs. The profits are theirs. The burden lands elsewhere.
This story is part of an ongoing collaboration between The Associated Press and “FRONTLINE” (PBS) that includes an upcoming documentary. Kinetz reported from Rome, Washington, London and Lisbon, Portugal. AP journalists Juliet Linderman in Washington and Raynham, Mass, Ope Adetayo in Lagos, Nigeria, Larry Fenn in New York, Huizhong Wu in Bangkok and Michael Reo in Washington contributed to this story. Freelance reporter Rejimon Kuttappan in Thiruvananthapuram, India, and Anthony DeLorenzo, Martha Mendoza and Peter Klein from “FRONTLINE” (PBS) also contributed. The Associated Press receives financial support from multiple private foundations. AP is solely responsible for all content. Find AP’s standards for working with philanthropies, a list of supporters and funded coverage areas at AP.org. Contact AP’s global investigative team at [email protected] or https://www.ap.org/tips/