Key Takeaways
- An AP/FRONTLINE investigation reveals that American‑made AI models and internet infrastructure are being exploited to run industrial‑scale romance scams from Myanmar‑based compounds.
- Scammers use software such as KT and 007TG, built on ChatGPT and Gemini, to automate multilingual chats, track worker performance, and generate convincing fake personas.
- U.S. internet service providers (e.g., Cogent Communications, AT&T, Oracle, DigitalOcean) and cloud companies route roughly one‑in‑five connections from these scam hubs, often via VPNs or leased IP addresses that mask the true origin.
- SpaceX’s Starlink has become the dominant internet provider in Myanmar, supplying a disproportionate share of traffic to scam centers despite periodic service cuts and public pressure.
- Victims span the globe—widowed tailors, pastry chefs, soldiers, engineers, farmers, and retirees—many of whom are trafficked and forced to work under brutal conditions.
- Blockchain analysis shows that a single cryptocurrency wallet linked to the 007TG platform received over $860,000, with associated scam networks netting at least $75 million.
- Tech firms claim robust anti‑abuse programs (e.g., OpenAI bans thousands of scam accounts monthly) but acknowledge they cannot monitor content directly due to privacy‑by‑design principles.
- Law‑enforcement actions, such as the DOJ’s Scam Center Strike Force, have disrupted millions of fraudulent accounts, yet reliance on voluntary cooperation limits systemic change.
- Emerging regulations in the UK, EU, Australia, and Singapore impose fines on companies that fail to curb scam abuse, while U.S. efforts remain largely incentive‑based.
- Experts warn that without financial or legal disincentives, the cost of enabling fraud will remain low, perpetuating a cycle where scammers continue to weaponize American technology.
Investigation Exposes the Scope of the Fraud Machine
The Associated Press, in partnership with FRONTLINE, uncovered a transnational scam empire that uses American technology to defraud victims worldwide. Leaked files, device‑connection logs, and interviews with more than fifty survivors and dozens of former scammers showed that a single trafficked worker, Safeer Mohammed Koorimannil, impersonated a Singaporean woman named “Ella” and chatted with over 100 people simultaneously across dozens of fake profiles. In just one month he targeted roughly 50,000 prospects from at least 17 countries, illustrating the industrial scale of the operation.
American AI Powers the Scam Scripts
Central to the scheme are AI‑driven tools such as KT (Kongtian Intelligent Customer Acquisition) and 007TG (Global Social Traffic Navigation). Built by for‑profit firms using OpenAI’s ChatGPT and Google’s Gemini, these platforms generate automated, multilingual replies, power role‑play chatbots that craft believable personas, and provide real‑time translation in over 100 languages. C4ADS analysis found that the software also monitors worker productivity; Koorimannil described being beaten with electric batons when his performance fell short, leaving his body red and swollen.
U.S. Internet Providers Carry the Illicit Traffic
An AP analysis of more than 200,000 device connections from four sanctioned scam compounds revealed that roughly one in five signals traveled through U.S.–registered networks. Major players included Cogent Communications, AT&T, Oracle, and DigitalOcean, with Cogent alone accounting for nearly 40 % of the traffic. While ISPs insist they cannot see the content of the data they carry due to privacy‑by‑design, they do respond to abuse reports and cooperate with law enforcement when presented with actionable evidence.
Starlink’s Dominance in Myanmar’s Scam Economy
SpaceX’s Starlink satellite service emerged as the top internet provider in Myanmar, supplying a disproportionate share of connections to scam centers. Despite congressional scrutiny, a U.S. court order to seize Starlink terminals, and periodic service cuts, Starlink’s market share rebounded to nearly 20 % by early 2026. Scammers lease Starlink IP addresses to obscure their true location, allowing them to evade platform safety checks on Meta, WhatsApp, and other services. Satellite imagery shows new compounds springing up with rooftop dishes, confirming the continued reliance on Starlink even after crackdowns.
Human Trafficking and Brutal Work Conditions
The scam compounds function as forced‑labor camps. Workers from South Asia, Africa, and Southeast Asia are trafficked under false pretenses of tourism or hospitality jobs, then subjected to beatings, electric shocks, and excessive exercise quotas. Ebisa, an Ethiopian engineer at Deko Park, was blinded in one eye after a severe beating for failing to meet impossible targets. Obinna Okeadu, a Nigerian trafficked to the same site, died after a punitive beating; his disappearance was noted only when his computer vanished from work chats. These testimonies underscore the human cost behind the digital fraud.
Financial Gains Revealed Through Blockchain Tracking
TRM Labs’ blockchain analysis for AP/FRONTLINE traced a cryptocurrency wallet tied to the 007TG platform, which received over $860,000 between April 2024 and December 2025. Funds flowed from wallets linked to known scam networks, and the associated criminals are estimated to have laundered at least $75 million. Such figures illustrate how AI‑enhanced efficiency translates directly into massive illicit profits, far outstripping the modest wages paid to the trafficked workers.
Tech Companies’ Statements and Limited Actions
OpenAI reported that, based on AP‑shared information, it identified and banned three accounts abusing its models for scams and removes roughly 100,000 scam‑related accounts each month, claiming a 95 % detection accuracy. Google said it engineers safety guardrails into its models and is committed to responsible AI development, though it did not answer specific queries about the findings. Oracle, UpCloud, and others said they conducted internal reviews after receiving the AP data but declined to disclose outcomes, citing privacy constraints and the inability to monitor end‑user content directly.
Law‑Enforcement and Regulatory Responses
In November 2024, the District of Columbia U.S. Attorney launched the Scam Center Strike Force, which in a four‑day May 2025 operation partnered with Meta, SpaceX, Google, and others to disable over 1.4 million fraudulent social‑media and email accounts, seize Starlink terminals, and dismantle hosting infrastructure linked to Southeast Asian scam nets. While the Strike Force demonstrates that coordinated action can disrupt fraud, its reliance on voluntary cooperation means lasting change depends on companies’ willingness to invest in preventive measures. Abroad, the UK, EU, Australia, and Singapore have begun imposing fines on firms that fail to curb scam abuse, creating a financial incentive absent in the current U.S. framework.
Why Abuse Persists: Incentives and Detection Limits
Cybersecurity experts argue that without a tangible cost to facilitating scams, companies have little reason to spend resources on prevention. As Sascha Meinrath of Penn State noted, “If there’s no disincentive… why would I spend a dollar to prevent scamming?” The dual‑use nature of tools like ChatGPT—used legitimately for translation, research, and content creation—makes it difficult to isolate malicious activity. Moreover, scammers often route traffic through VPNs or leased IP addresses, further obscuring accountability. Until legal or market forces shift the cost‑benefit balance, the abuse of American technology is likely to continue.
Looking Ahead: The Need for Proactive Safeguards
The investigation highlights a critical gap: American innovation fuels both legitimate progress and transnational crime. To curb the tide, stakeholders must consider stricter enforcement of terms‑of‑service, potential liability for knowingly enabling illegal activity, and incentives for proactive monitoring—such as tax credits or reduced insurance premiums for firms that invest in abuse‑prevention technologies. Simultaneously, expanding international regulatory frameworks and strengthening public‑private partnerships could raise the cost of fraud for scammers, making the exploitation of U.S. infrastructure less attractive. Only by aligning economic incentives with security imperatives can the promise of AI and global connectivity be protected from weaponization.