A sophisticated cyber con recently targeted a nationalized bank in Bengaluru, successfully defrauding its staff of a staggering ₹38.2 lakh. The perpetrator impersonated a representative from a city-based real estate firm, executing the elaborate scam last Wednesday.
Following a formal complaint lodged by Indreesha J., the Chief Manager of the State Bank of India’s Banasawadi branch, the East Division Cybercrime Police initiated an investigation on Monday. An FIR has been registered, charging the accused under various sections of the IT Act and for impersonation under the Bharatiya Nyaya Sanhita (BNS).
The complaint outlines that the SBI Banasawadi branch had a standing business relationship with a local real estate developer since July. The arrangement stipulated that all apartment purchase considerations and vendor payments for the developer’s projects would be processed through this specific bank account.
Standard operating procedure dictated that for every incoming transaction, bank staff would electronically process mandates or instructions from the developer’s authorized representatives. These instructions would then undergo a telephonic cross-verification with the representatives to confirm their authenticity before any funds were transferred.
The bank’s complaint further detailed: “These requests consistently originated from the registered official email ID, and no discrepancies had been observed prior to this fraudulent incident. The account had been in regular operation without any adverse remarks, and the customer had maintained a healthy relationship with our branch. Given the regulatory nature of RERA accounts, the bank exercises heightened scrutiny and due diligence in handling all transactions.”
However, last Wednesday at approximately 11:01 a.m., the branch received a phone call from an individual claiming to be the authorized person for the developer. This imposter referred to an urgent email request for fund transfers, pressing the bank to process the payments immediately to meet project requirements.
Misled by the seemingly legitimate email, which appeared to originate from the authorized account, the bank proceeded with an RTGS (Real-Time Gross Settlement) transfer, disbursing ₹38.2 lakh to the specified beneficiaries.
The deception came to light the very next day when the developer’s actual authorized representative contacted the branch, emphatically denying any knowledge or authorization of the transaction.
A subsequent detailed scrutiny of the email header revealed the truth: the fraudulent instructions had been sent from an unauthorized, spoofed email account. This fake account was meticulously designed to mimic the genuine ID, effectively deceiving both the bank and the unsuspecting customer.
The bank staff promptly filed an online complaint with the National Cyber Crime Reporting Portal before formally approaching the police for assistance.
Authorities are now actively tracing the money transactions in an effort to identify and apprehend the perpetrator behind this sophisticated cyber scam.