Last December, Shinde Bhojaram, a farmer of Dahegaon village near Bhainsa town of Telangana, was approached by two fellow villagers to participate in what sounded like a lucrative cotton business scheme. The well-dressed duo arrived at his house in a swanky car and persuaded the 48-year-old to open a bank account, promising him commissions ranging from ₹2,000 to ₹5,000. They even accompanied him to the bank and provided him a new phone number to put on the forms. After the formalities were completed, they left with the SIM card, passbook, ATM card and other documents.
In April this year, Bhojaram was pulled up by the bank for suspicious transactions amounting to lakhs of rupees in his account. It was then that he realised he had been conned. When he confronted the two, he was threatened with dire consequences.
Despite the threats, Bhojaram approached the police, and his complaint led to the uncovering of a much larger scam. Investigation revealed the operations of a gang which lured gullible people into opening a total of 125 mule accounts for fraudulent transactions in organised online betting.
Dahegaon, located 14 kilometres from the Maharashtra border and nearly 200 kilometres from Hyderabad, has a population of about 3,400, many of whom belong to the Arya Maratha community. Fluent in Marathi, Hindi, and Telugu, these close-knit villagers were shocked to learn about a scam that had targeted one of their own. Bhojaram, who lives with his wife and two sons in a house adjacent to his parents and extended family, had unwittingly become a mule in a fraudulent scheme that exploited the trust and naivety of innocent farmers in Bhainsa and neighbouring areas.
The duo, Naveen Vanikar and Pranay Shinde, had first met Bhojaram at a village function about two years ago. Claiming to be in the cotton business, they said they needed a bank account in his name for their transactions and offered him ₹2,000 for his cooperation.
“My elder son is about to enrol in the nursing wing of Indian Army and the younger one is pursuing B.Tech in Hyderabad. I did not want any trouble to befall them because of my mistakes and so, I chose to approach the police. I recently found out that Naveen and Pranay have conned several others and even thrashed a man who dared to question them,” shares Bhojaram.
He is among the “6-10% of farmers” who fall prey to cyber fraud every month, according to data shared by the District Cyber Crime Coordination Centre (D4C).
The Telangana Cyber Security Bureau (TGCSB) arrested Pranay, Naveen and Laxman Arugula, another key member of the gang, in May. About two weeks later, Kesara Keshava Reddy alias Maha, a native of Khammam district in Telangana and currently residing in Bengaluru, was also arrested for his involvement in the fraudulent scheme.
Easy loans, costly cons
One of the essential needs of farmers is quick and easy access to loans. Exploiting that need, scammers conned 35-year-old Amireddy Rajireddy, a farmer from Chowdaram in Siddipet district, of nearly ₹1.09 lakh of his savings.
In May, Rajireddy was looking for an instant loan to boost his crop yield for the season when he received a call that seemed like divine intervention to him. The caller offered him a loan of ₹1 lakh and asked him to submit his Aadhaar and PAN card numbers, and bank account details along with a ‘registration fee’ of ₹5,000 to initiate the process. “An hour later, I received a loan approval letter through WhatsApp. My phone rang again, and this time I was asked for the GST payment, insurance, and income tax, followed by the first instalment. After I made payments totaling ₹1,08,998, the caller went incommunicado,” he recalls.
In March, 31-year-old Kethireddy Santhosh Reddy, another farmer from Siddipet, lost ₹1.35 lakh to an investment fraud after being added to a WhatsApp group discussing task-based jobs. He sent the money in six transactions only to have his hopes for high returns dashed. Recalling his misadventure, he says, “I found it interesting and started doing the tasks. Initially, money started coming in — first ₹120, then ₹180, and later ₹200. It is working, I thought, and then I lost everything.”
Farmers are also conned on the pretext of new government schemes. “The scammers claim that a loan has been sanctioned in the victim’s name and ask for OTP and other banking credentials. Unsuspecting victims often give in and lose whatever little money they have saved,” says Mohd. Khaleel, an officer of Siddipet’s TGCSB branch.
TGSCB Superintendent of Police Devender Singh says the scammers cheating people in the two Telugu-speaking States of Telangana and Andhra Pradesh are actually locals recruited by gangs based in north India. “Language was once a barrier protecting rural people from cybercrimes. Now, these criminals, posing as job recruiters, are paid to convince their victims with scripted schemes. These ‘call centres’ are run from makeshift offices scattered across Jharkhand, Madhya Pradesh and Rajasthan,” he explains.
Official figures suggest the State is losing nearly ₹10 crore a day to cyber criminals.
Target beyond Hyderabad
Hyderabad has long been a hub for cybercrime, but other districts of Telangana are now falling prey due to increased digitalisation. In the first six months of this year, 32.40% of cybercrime cases were reported from 26 districts, including Warangal, Ramagundam, Karimnagar, Nizamabad, Siddipet, Medak, Sangareddy, Adilabad, Nirmal, and Jagtial. Keycrimes include business and investment fraud, identity theft, impersonation, loan scams, and job or advertisement frauds. These are often executed through task-based commission scams, trading platforms, credit card fraud and phishing attacks.
Private company employees, especially techies, are the primary targets, making up over 40% of victims in every district. Recent cases have also involved doctors, private bank employees, and retired government employees.
Educated people and job aspirants are getting conned the most, says Akhil Mahajan, SP of Rajanna Sircilla district. “Fraudsters are aware of their target’s travel history, bank account details, and other key information, which they use to weave a convincing narrative,” he adds.
Jagtial SP Ashok Kumar highlights the fraudsters’ use of strong social engineering skills and psychological manipulation to trick victims into divulging sensitive information.
Districts have become testing grounds for new cybercrime tactics. Of late, residents of Nirmal district have been receiving WhatsApp calls from international numbers, with callers claiming that their children are involved in drug cases or have been kidnapped. “They play crying sounds and pleas for mercy on phone,” says Ramana Rao, Nirmal Cyber Crime Inspector, adding at least 7-8 such cases have been reported so far, with 2-3 victims even losing money.
Lifetime savings lost to deceit
When 70-year-old Shankaraiah Basetty received an invitation to a relative’s wedding in Jagtial district, he had no idea he would soon lose ₹4.24 crore of his lifetime savings.
On November 1, while staying at his brother’s place in Korutla, Jagtial, Shankaraiah received a call informing him that he was the prime accused in a money laundering case linked to Jet Airways founder Naresh Goyal. The caller, identifying himself as an officer of Central Bureau of Investigation,Mumbai, even produced a Supreme Court notice in the septuagenarian’s name over a Skype call. He was then instructed to transfer all his money for ‘checking’.
Initially, Shankaraiah transferred ₹3.23 crore. The caller then showed him a Reserve Bank of India letter and demanded an additional ₹1 crore, which he transferred again.
The scammers kept him on the Skype call for three days, warning him against hanging up and disclosing about the ‘covert investigation’ to anyone. Ashok Kumar calls this a ‘digital arrest’: “He only hung up to attend the wedding ceremony but was contacted again and kept digitally arrested for three more days.”
D.V. Ranga Reddy from TGSCB in Jagtial’s D4C says Shankaraiah’s children are settled in the US, while he lives with his wife in a modest house in Chittoor district of Andhra Pradesh. “Even after losing his money, Shankaraiah was relieved to learn he was not involved in any CBI probe as an accused,” he says.
Within 23 days of the con, the money was split into 462 transactions across multiple mule accounts. Seven primary account holders were arrested in Malappuram, Kerala. The case has been transferred to the TGSCB headquarters in Hyderabad to trace and arrest the rest of the gang members, reportedly operating from Chhattisgarh, Punjab, West Bengal, Bihar, Assam, Arunachal Pradesh, and Madhya Pradesh. The cash was then sent to the gang’s kingpin in Dubai through cryptocurrency. The probe is ongoing, with over 40 people at large.
Shankaraiah’s loss is a fraction of the ₹707.25 crore stolen by cybercriminals in 2023. This figure has risen by over 20% in the first half of 2024, reaching ₹891.62 crore, as per TGCSB.
Crime without borders
In a twist to the usual narrative that cyber criminals operate from distant lands, a man who had flown half across the globe to settle down had a malware sent from his hometown in the form of an APK file. The incident took place in the southern part of the US, but the case was registered in Siddipet district of Telangana.
On April 23, Yerram Praveen Kumar, 42, a software employee based in Texas, was attending a work meeting from home when a WhatsApp message from ‘ICICI Bank’ popped up on his phone with an Indian SIM card. The message warned that his account would be blocked if KYC registration was not completed. With an impulsive click on an APK file, ₹13 lakh vanished from his account.
Praveen, originally from Gajwel in Siddipet, had moved abroad about six years ago. He settled in Texas, married an Indian woman, and started a family, while keeping his account active with the Pune branch of ICICI Bank.
Recounting the cross-continent fraud, Praveen explains that about a week before he received the message, his bank had informed him via e-mail about pending KYC registration to transfer ₹3 lakh from his trading account to his savings account. “Since I stay abroad, I had marked it as a to-do task for whenever I travelled back home,” he says.
Assuming the WhatsApp message was a follow-up, he clicked on the APK file. Within minutes, ₹13 lakh was wiped out of his account, in multiple transactions. “The cybercriminals took control of my device. I saw messages with OTPs popping up and disappearing. I could not access my e-mail as they changed the password using another OTP verification. Once all the money was transferred, I saw an e-mail trail of transactions from the bank,” Praveen recalls.
He tried to contact his bank to block the account, but being in a foreign land meant delays. Meanwhile, the fraudsters wrapped up the heist. “I feared for my family too, as my phone was connected to my home Wi-Fi. They could have easily accessed other devices on the network,” he adds.
Criminal profiling: IP address to arrest
To nab faceless fraudsters, officers from cyber security units across the State compile criminal profiles as the first step in their probe. The dossier, typically 3-4 pages long, includes extensive details such as personal and financial information, contact details, crime history, network connections, coordinates of their locations during day and night, and supporting evidence.
Ranga Reddy says with the rise of mule accounts and spoofed calls, identifying the true identity of fraudsters behind multiple fake personas is challenging. Criminal profiles not only uncover the real identity of these scammers but also provide key details about online transactions, live photos for facial recognition, frequently contacted numbers, common location coordinates, mobile device data, and past cybercrime links. “In most cases, each fraudster is linked to multiple cases across the country. Extensive research and investigation lead us to criminal profiles, after which offenders are apprehended in coordination with the Indian Cyber Crime Coordination Centre and respective State police,” he avers.
In Shankaraiah’s case, profiles of secondary and tertiary account holders have been compiled, and will be followed by arrest warrants in the respective States.
Alongside raising awareness, officials across districts are stressing the urgent need for a systemic overhaul of security protocols, including banking and SIM card registration and verification procedures.
Suryapet SP Sunpreet Singh points out that bank account details are readily available on the dark web. “With that, a fraudster does not care if the victim is educated or not. All they see is the victim’s bank balance and begin their con to wipe it clean,” he says, adding that identifying the sources of data breaches is crucial, given the vast amount of personal information collected by both government and private entities.
Ashok Kumar underscores the urgent need for substantial investments in preventing and detecting cybercrimes, rather than merely responding to them. He advocates for a strengthened KYC verification process as a crucial first step, calling for enhanced collaboration between law enforcement and financial institutions.
The official also highlights the alarming trend of multiple mule accounts linked to the same or fake Aadhaar cards, emphasising the need for dedicated bank teams to address the vulnerabilities during registration and verification stages.