In a sensational Mumbai crime, a 65-year-old businessman from Worli was defrauded of ₹17.5 lakh in a highly coordinated cyber scam involving fake customer service impersonators and malicious banking app downloads. The crime unfolded over just two days, May 27 and 28, and has raised serious concerns over the exploitation of tech users during digital banking outages.
How The Mumbai Crime Unfolded
According to the FIR filed with the Mumbai Cyber Police on June 18, the incident began when the victim’s daughter encountered technical difficulties while trying to make transactions through their bank account. Frustrated by failed attempts, she searched for customer care assistance and called a number labelled as the bank’s official toll-free helpline.
What followed was a textbook case of social engineering. The scammer, impersonating a customer service representative, convinced the victim’s daughter to download what was supposedly an official app from the Play Store to resolve banking issues. However, the app was a decoy tool designed to steal sensitive information.
When initial verification failed due to the bank’s “server downtime,” the imposter requested the victim’s daughter to share an OTP sent to her mobile. Believing she was communicating with genuine bank staff, she provided the OTP. Within minutes, ₹49,999 was debited from the account. When confronted, the fraudster downplayed it as a dummy message and claimed he was merely “raising the transaction limit.”
In a calculated move, the Mumbai crime scammer asked for full debit card details – including card number, expiry date, and CVV – and used this to execute additional fraudulent transactions. Over WhatsApp and voice calls, he continued to gain trust, claiming the bank’s backend system was still under repair and that OTPs were necessary for further “testing.”
During the next 24 hours, the fraudsters repeatedly contacted the family, using new mobile numbers and posing as different banking representatives. They manipulated the family into sharing OTPs multiple times, assuring them it was part of a recovery process. The family, still unaware of the scam, complied, leading to four more transactions of ₹50,000 each.
The Vigilant Blog covers the crime beat and has a finger on the pulse of the latest crimes and scams. Follow us on Facebook and Twitter to get more news like this.
Then came the final blow. On the evening of May 28, the victim’s mobile received six back-to-back messages showing a massive debit of ₹15 lakh. A total of ₹17,49,999 had disappeared from the account. By the time the fraud was recognised, the funds were already siphoned off into unknown accounts.
The victim immediately filed a complaint via the cybercrime helpline (1930) and received multiple acknowledgements. A formal FIR (No. 0093/2025) was later lodged under various sections of the IT Act and Bharatiya Nyaya Sanhita, including cheating, criminal conspiracy, identity theft, and unauthorised access.
The police have launched an investigation into the mobile numbers and WhatsApp accounts used in the scam, including efforts to trace the fraudulent bank accounts where the funds were transferred, now that the Mumbai crime has been uncovered.
Authorities are urging citizens to never share OTPs or debit card details, even if the caller appears to be from a bank. Official banks will never request such sensitive information over the phone or WhatsApp. They stress that public awareness and vigilance remain the first line of defence against cybercrime.
Discover more from The Vigilant Blog
Subscribe to get the latest posts sent to your email.