New Delhi — A case of online fraud in Karnataka’s Mangaluru has highlighted both the growing sophistication of cyber scams and the critical role of alert banking staff in limiting financial damage. A local doctor was duped into transferring ₹22 lakh after fraudsters promised him a large foreign payout, but further losses were prevented due to timely intervention by a Canara Bank official. The matter is currently being investigated by the Cyber Economic and Narcotic (CEN) police.

Lured by promise of a foreign reward

According to police officials, the doctor received an unsolicited international call in which the caller praised his professional work and claimed he was being rewarded with USD 2.5 million. Shortly afterwards, another individual contacted him while impersonating a customs official, stating that a parcel containing the money had arrived in his name.

The caller alleged that the consignment could only be released after payment of customs duties and processing fees, creating a sense of urgency and authenticity around the claim.

Money transferred over multiple days

Trusting the callers, the doctor visited a nearby Canara Bank branch over three consecutive days and transferred funds to several different bank accounts as instructed. Each transaction was presented as a compulsory charge related to customs clearance.

Investigators said the fraudsters deliberately split the amounts across multiple transfers and accounts to avoid immediate suspicion and make the financial trail harder to trace.

Bank official detects suspicious pattern

The repeated visits and unusual transaction behaviour raised concerns for a bank official, who flagged the activity as potentially fraudulent. Before allowing any further transfers, the official contacted the CEN police for verification.

Following preliminary checks, police confirmed that the doctor had fallen victim to a cyber scam. By that point, ₹22 lakh had already been transferred. The intervention, however, prevented additional payments, and the victim immediately lodged a formal complaint.

Police praise bank–law enforcement coordination

Mangaluru Police Commissioner Sudheer Kumar Reddy said the incident demonstrated the importance of cooperation between banks and law enforcement agencies. He noted that recent awareness meetings with banking staff had focused on identifying unusual transaction patterns linked to cybercrime.

“This case shows how timely vigilance by bank officials can stop fraud in progress and save citizens from even greater financial losses,” he said.

A familiar cyber fraud pattern

Police stated that the scam follows a well-established modus operandi commonly seen in online fraud cases:

• Unsolicited calls promising large sums of money from abroad
• Impersonation of customs or government officials
• Demands for payments described as taxes, duties, or processing charges
• Routing money through multiple accounts to obscure tracking

Authorities reiterated that no legitimate government agency demands payments over phone calls or messaging apps to release parcels, rewards, or funds.

Advisory for the public

Cybercrime officials have urged citizens to remain cautious when receiving unexpected international calls or offers of large financial rewards. Any demand for money linked to customs, taxes, or overseas consignments should be independently verified with banks or reported immediately to cyber police.

A reminder on cyber safety

The Mangaluru case underscores how quickly fraudsters exploit trust and urgency—but also how institutional alertness can limit the damage. Officials emphasised that public awareness, combined with proactive monitoring by banks, remains the strongest defence against increasingly sophisticated online scams.

India’s telecom regulator, the Telecom Regulatory Authority of India (TRAI), has issued a directive requiring all insurance companies regulated by the Insurance Regulatory and Development Authority of India (IRDAI) to adopt a dedicated “1600-number series” for customer communications. The measure is aimed at curbing the rising tide of voice-based financial frauds and restoring consumer trust in phone calls from legitimate institutions.

A Targeted Approach Against Voice Scams

Fraudsters have increasingly exploited ordinary 10-digit mobile numbers to impersonate banks, insurers, and government offices, luring consumers into phishing, financial, and social-engineering scams. TRAI’s solution is deceptively simple: assign a special, instantly recognizable numbering range exclusively for BFSI (banking, financial services, and insurance) entities and select government organisations.

Calls originating from the 1600 series are intended to be instantly distinguishable from promotional, spam, or fraudulent calls, providing consumers with a clear signal of authenticity.

Mandatory Transition for Insurers

TRAI’s order sets a firm deadline: all IRDAI-regulated insurers must complete migration to the 1600 series by February 15, 2026. The move aligns with previous directives for institutions regulated by the RBI, SEBI, and PFRDA, which have already started migrating certain transactional and customer-service communications to the 1600 range.

Why the 1600 Series Matters

Behavioral research shows that consumers are more likely to answer and trust calls that appear legitimate. Fraudsters have long abused the lack of differentiation in standard 10-digit numbers. By creating a uniform trusted-calling framework, regulators aim to reduce impersonation-based scams and encourage safe engagement between customers and their financial service providers.

“The structured and time-bound adoption of the 1600 series will significantly improve consumer safety,” TRAI said, emphasizing its role in mitigating voice-based financial frauds.

Adoption Progress and Challenges

While around 570 entities have migrated so far, collectively subscribing to 3,000+ numbers in the 1600 series, many organizations still rely on standard mobile numbers, leaving openings for fraudsters. TRAI noted that voluntary migration was insufficient, prompting the enforcement of a clear deadline to accelerate adoption.

The regulator continues to engage with telecom providers and financial regulators under the Joint Committee of Regulators (JCoR) to ensure smooth migration and compliance.

Rebuilding Trust in Voice Communications

The move comes as scam and spoofed calls increasingly erode public confidence in phone communications. By enforcing a dedicated numbering system, authorities hope to:

• Minimize impersonation fraud
• Enhance consumer confidence in legitimate calls
• Provide a clear, trustworthy identity for BFSI communications

As scam calls grow in sophistication, the 1600-number initiative represents a critical step in strengthening the integrity of India’s financial communication channels.

As Black Friday and Cyber Monday approach, cybersecurity researchers are warning of a growing wave of holiday-themed scam websites designed to trick consumers into revealing payment information. These fraudulent online stores, engineered to mimic popular retail brands, are appearing at unprecedented scale, posing a serious risk to shoppers during the 2025 holiday season.

Industrialized Online Fraud

Researchers have identified over 2,000 new fraudulent domains in recent months, including typosquatted Amazon URLs and more than a thousand suspicious .shop sites impersonating major brands. Many of these domains were dormant for months before suddenly going live with full product catalogs, holiday graphics, and payment portals timed to coincide with peak online shopping traffic.

Scam sites use aggressive tactics to drive impulsive purchases, including flash banners, countdown timers, fake trust badges, and pop-ups warning that items are “almost sold out.” Analysts describe this as psychological manipulation designed to pressure shoppers into buying before evaluating risks.

Centralized Operations and Hidden Infrastructure

Evidence suggests these scams are centrally coordinated, rather than isolated incidents. Numerous malicious domains share identical servers, content delivery networks, and hosting providers, often behind services like Cloudflare that obscure the operators’ identities. Some domains even rely on the same assets—banners, product grids, and JavaScript files—reused across hundreds of sites.

Researchers describe the network as “industrialized fraud,” with automated storefront generation, repeated layouts, and cloned code allowing rapid deployment of new scam sites. Domain registration patterns reveal a surge in new .shop domains from obscure registrars, created just weeks before the shopping season.

How Scammers Monetize Data

Fraudsters route payment information entered by unsuspecting shoppers to shell merchant websites, often based overseas, which process transactions on behalf of the scammers. This allows them to bypass automated fraud detection systems, resulting in unauthorized withdrawals, identity theft, and financial losses. Because many sites operate through reverse-proxied infrastructure, law enforcement faces challenges in tracking and shutting down operators before they abandon the domains.

Exploiting Brand Trust

The .shop top-level domain has become a focal point for large-scale impersonation campaigns. Fake sites mimic established brands such as Apple, Samsung, Ray-Ban, and Dell, often using minor lexical variations like “box,” “sale,” or “lucky” to appear legitimate. Many of these sites reuse pre-designed scam kits, replicating layouts, slogans, and checkout frameworks across multiple domains.

Tips for Holiday Shoppers

Experts advise consumers to exercise caution this holiday season:

• Verify URLs: Only shop through official brand websites.
• Avoid unfamiliar domains: Be wary of new or suspicious-looking sites.
• Resist high-pressure tactics: Treat “limited stock” warnings or flash deals with skepticism.

With online shopping and cyber-fraud evolving in tandem, vigilance and awareness remain the best defenses against these sophisticated holiday scams.