India ID Theft Scam: ₹1.96 Crore Lost via Maharashtra Documents Impersonation

Post Views: 7

Cyber Impersonation Scam Targets Corporate Financial Operations

A recent case in Chandigarh highlights the rising threat of social engineering attacks on corporate financial systems. A business owner lost nearly ₹1.96 crore after being duped by fraudsters impersonating the company’s Managing Director.

According to the police, “The scammers created a fake profile using the MD’s display picture and sent urgent instructions to the company’s accountant, resulting in a prompt transfer of funds to a private bank account.”

The attack followed a classic “impersonation and urgency” social engineering model, where attackers studied the organizational hierarchy and communication patterns before targeting employees responsible for financial transactions. By using a familiar identity and creating a sense of urgency, the scammers manipulated the victim into acting quickly without following standard verification protocols.

This type of attack relies on psychological pressure rather than technical hacking, making it difficult to detect in real-time.
Cybersecurity experts warn that such attacks frequently exploit vulnerabilities in employee psychology, rather than technical weaknesses in the system.

In this case, the accountant believed the instructions to be genuine, transferring a total of ₹1.96 crore to the scammers’ account. The transfer was carried out under pressure, as the messages mimicked the communication style and authority of the senior executive, leaving little room for suspicion.

According to the business owner, “The Managing Director denied issuing any such instructions or requesting funds, which prompted me to confirm the transaction with him.”

The scam came to light when the accountant later confirmed the transaction with the actual Managing Director, who denied issuing any such instructions or requesting funds. The company immediately reported the incident, triggering concern within the organization given the scale of the financial loss.

Policemen are currently tracing the bank account where the funds were transferred and analyzing digital evidence to identify the perpetrators.
Efforts are also underway to track the accused involved in the impersonation scam.

This case serves as a reminder of the importance of verifying transactions and adhering to standard verification protocols, even in cases where there appears to be a sense of urgency. Companies must remain vigilant against social engineering attacks and take steps to educate their employees on how to identify and report suspicious activities.