Navi Mumbai: Pharma Products Supplier From Panvel Loses Rs 1.54 Crore in Cyber Fraud

A 40-year-old businessman, a supplier of pharmaceutical products, lost Rs 1.54 crore to a cyber fraudster after transferring the money to another bank account. The fraudster deceived the victim by providing different bank account details via an email address resembling that of a China-based company.

The victim and complainant, a resident of Panvel, has been importing pharmaceutical products from China to supply pharmaceutical products in India for the past six years. His usual practice involves making advance payments to the Chinese company for all imports.

Also Read | Ransomware emerged as top cyber threat in India: Report.

The victim placed an order for materials on January 8, 2024, with an expected delivery date of January 25. Due to the size of the order, the victim requested to make the payment in phases. All correspondence with the Chinese firm was conducted via email at pengzhen.liang@epharmatech.com.

On January 11, the victim received an invoice for payment from the Chinese firm and promptly processed a payment of $50,000 on January 25. In the midst of these transactions, on January 24, the victim received an email from a fraudulent address, pengzhen.liang@epharmatech.cam, purportedly notifying of a change in the company's bank account number for all future payments. However, due to being away on travel, the victim did not immediately notice this email.

On February 5, the victim once more received an email from the fraudulent email address concerning the purported change in the company's bank account number. This time, the email also claimed that the victim had previously made a payment into the old bank account. However, the victim responded by requesting that the details of the new bank account be sent in an official document bearing the company's letterhead and stamp. Surprisingly, the scammers complied and shared bank details within a document featuring the company's letterhead.

Also Read | Cyber Fraud Alert: Navi Mumbai Man Loses Rs 9.5 Lakh in Stock Market Scam, Bank Account Frozen.

However, the victim failed to notice the discrepancy in the email address. The fraudulent email address utilized ".cam" instead of the legitimate ".com" domain, which went unnoticed by the victim. The victim unknowingly initiated correspondences with the fake email address and, unfortunately, proceeded to transfer a total of $185,396 to the bank account provided by the cyber fraudsters.

Meanwhile, on March 18, the victim received an email from the original email address of the company regarding a payment. Upon informing the company about the change in bank account details, the victim was informed that no such change had been authorized. Realizing the discrepancy, the victim promptly contacted the bank, where it was discovered that the email address used for the fraudulent transactions differed from the legitimate company email address. Unfortunately, by this time, the victim had already incurred a loss of Rs 1,54,56,444.

Subsequently, the victim approached the Cyber Police Station and filed a formal complaint. The police promptly registered a case against four unidentified individuals under relevant sections of the Indian Penal Code (IPC) and the Information Technology (IT) Act, and initiated a thorough investigation into the matter.