Cyber Police Investigate Sophisticated Investment Fraud Operated Through Fake Trading Apps and Messaging Groups

Hyderabad Cyber Crime Police have registered a case after a 31-year-old software engineer allegedly lost ₹37 lakh in a carefully designed online investment scam involving fake stock advisory groups posing as SEBI-registered professionals.

Officials said the fraud was executed through a structured digital ecosystem that used impersonation, manipulated trading dashboards, and psychological pressure tactics to extract large sums from the victim over several weeks.

Fake SEBI Identity Used to Build Investor Trust

According to investigators, the victim was added to a closed WhatsApp group that claimed to offer premium stock market insights under the name “A15 SEBI Premium Market Analyst Insights.”

To appear legitimate, the operators allegedly shared forged certificates, fabricated registration details, and staged performance reports showing consistent trading profits. Fake testimonials from other group members were also circulated to strengthen credibility.

The scammers gradually convinced the victim that the advisory group was officially connected to regulated financial authorities, encouraging him to participate in high-value investments.

Fraudulent Trading App Created Illusion of Profits

Authorities revealed that the victim was instructed to install a third-party application through an external link. The app reportedly simulated a live trading environment, displaying artificial profits and portfolio growth.

Encouraged by the apparent returns, the software engineer transferred multiple payments to different bank accounts controlled by the fraud network. The total amount invested eventually reached ₹37 lakh.

Police believe the platform was designed purely to manipulate user perception, creating a false sense of financial success to drive further deposits.

Pressure Tactics and Fake Regulatory Threats

The scam escalated when the victim attempted to withdraw his funds. At that stage, the operators allegedly changed their communication style, claiming that his account had violated regulatory trading rules.

They reportedly demanded an additional “compliance penalty” of 25% of the total balance to release the funds. When the victim questioned the charges, communication was abruptly cut off and access to the platform was blocked.

Investigators say this is a common pattern in digital investment fraud, where victims are pushed from promised profits into fear-based payment demands before being cut off entirely.

Cyber Police Investigation Underway

Hyderabad Cyber Crime officials have registered the case under relevant sections of the Bharatiya Nyaya Sanhita (BNS) and the Information Technology Act. Forensic teams are tracing digital footprints, including IP addresses, server routes, and linked bank accounts used to divert the funds.

Authorities are also identifying suspected “mule accounts” used to quickly transfer and launder the stolen money across multiple layers of transactions.

Public Advisory on Online Investment Scams

Cybersecurity officials have once again warned investors against joining unverified stock market groups on messaging platforms. They emphasized that legitimate regulatory bodies and licensed brokers do not operate investment schemes through informal chat groups or third-party download links.

Citizens are advised to verify any investment opportunity through official channels and immediately report suspicious financial activity to the national cybercrime helpline 1930 to increase the chances of fund recovery.

Authorities in Baguiati have launched a detailed investigation into a cyber fraud case in which a local resident was allegedly tricked into surrendering control of his bank account and unknowingly used as a “money mule” in a wider laundering operation involving ₹34.5 lakh.

Police say the victim believed he was applying for a legitimate business loan but was instead drawn into a coordinated scam network that exploited his personal and banking credentials to process illicit transactions.

Fake Loan Offer Used as Entry Point

According to investigators, the fraud began when the complainant approached an online consultancy claiming to offer quick approvals for business loans. The firm allegedly promised a ₹30 lakh loan with minimal documentation and fast processing.

As part of the onboarding process, the victim was asked to submit sensitive documents including identity proofs such as PAN and Aadhaar details, along with signed financial instruments and an upfront deposit.

Officials say the scamsters gradually built trust before escalating the process into a more intrusive verification stage.

Home Visit Leads to Complete Banking Takeover

The case took a critical turn when representatives of the fake consultancy reportedly conducted a “physical verification” at the victim’s residence.

During this visit, the suspects allegedly manipulated the situation to gain access to the victim’s internet banking credentials and linked email accounts. This enabled them to gain full control over his digital financial profile.

Investigators believe this step allowed the network to convert the victim’s account into an active channel for routing stolen funds.

Suspicious Transactions Flagged by Banks

Shortly after the compromise, two large credit transactions—amounting to ₹11 lakh and ₹23.5 lakh—were deposited into the victim’s account from unidentified sources.

When the account holder attempted to withdraw or access the funds, banking systems flagged the activity as suspicious and immediately froze the account.

Officials later confirmed that the incoming money was linked to ongoing cyber fraud cases, indicating that the victim’s account had been used as part of a broader money laundering chain spanning multiple states.

Cybercrime Network Suspected of Multi-State Operation

Preliminary findings suggest the fraud is part of an organized interstate cybercrime network that uses compromised bank accounts to layer and transfer illicit funds, making them harder to trace.

Police are now tracing IP logs, communication records, and transaction trails to identify the individuals behind the consultancy firm and their financial handlers.

Authorities are also working to map other possible victims whose accounts may have been similarly exploited.

Public Advisory on Loan Fraud and Account Misuse

Cybercrime officials have issued a strong warning against dealing with unverified private loan agencies, especially those requesting sensitive banking access or remote verification of financial accounts.

They reiterated that legitimate banks and regulated financial institutions never ask customers to share passwords, grant full account access, or hand over control of email or net banking credentials.

Citizens are urged to report suspicious financial activity immediately via India’s cybercrime helpline 1930 or the national reporting portal to help prevent further misuse of banking systems.

Kerala Police have issued a statewide advisory alerting businesses, government offices, and corporate organisations about a rapidly evolving cyber fraud technique known as the “boss scam,” which combines malware attacks with WhatsApp-based executive impersonation to trick employees into transferring large sums of money.

Officials said the scam is becoming increasingly sophisticated, often bypassing traditional security filters by exploiting trust within internal communication systems.

Fake Alerts Used to Trigger Panic in Organisations

According to cybercrime officials, the attack typically begins with fraudulent emails or messages that appear to originate from trusted authorities such as the Reserve Bank of India or external audit agencies.

These messages often claim urgent compliance issues or regulatory violations, creating a sense of panic within finance and administrative teams. Employees are then instructed to open attached files—usually ZIP archives—containing what are presented as “audit documents” or “verification tools.”

Once opened, these files may install malicious software that gives attackers remote access to the infected system, allowing them to monitor internal communications and extract sensitive data.

WhatsApp Web Hijacking Enables Executive Impersonation

After gaining access to internal systems, fraudsters reportedly take control of active messaging sessions, including WhatsApp Web accounts already logged in on office computers.

Using these compromised accounts, attackers impersonate senior executives such as CEOs or directors and issue urgent instructions to finance staff. Because messages appear to come from legitimate leadership accounts, employees often comply without further verification.

Authorities noted that this method allows cybercriminals to bypass suspicion and directly influence financial decisions within organisations.

Fake Urgency Leads to Unauthorized Fund Transfers

In most cases, employees are instructed to process high-value payments immediately, often under the pretext of confidential business requirements or emergency transactions.

Cyber police said that once funds are transferred, they are quickly routed through multiple intermediary accounts, making recovery difficult.

Investigators warned that this type of fraud relies heavily on urgency, authority pressure, and digital impersonation rather than direct hacking of banking systems.

Police Recommend Strict Verification Protocols

Kerala Police have urged organisations to implement stronger internal verification systems, particularly for financial approvals and fund transfers. Officials stressed that no legitimate executive or regulatory authority communicates high-value financial instructions solely through messaging apps or email.

Companies have been advised to:

• Avoid opening unsolicited attachments, especially ZIP or executable files
• Regularly check active sessions on messaging platforms like WhatsApp Web
• Implement multi-level approval systems for financial transactions
• Independently verify payment requests through direct voice or in-person confirmation

Cybercrime Helpline Activated for Immediate Reporting

Authorities have also encouraged organisations and individuals to report suspicious activity immediately to the national cybercrime helpline 1930 or through the official cybercrime reporting portal to improve chances of fund recovery and containment.

Police warned that early reporting is critical, as stolen funds are often rapidly transferred across layered financial networks within minutes.