A major corporate cyber fraud involving ₹7.68 crore has come to light in the national capital, where investigators have arrested a suspected mule account holder and frozen ₹4.28 crore while probing a sophisticated scam targeting a company linked to businessman and former parliamentarian Naresh Gujral, son of former Prime Minister Inder Kumar Gujral.
According to investigators, cybercriminals successfully infiltrated the company’s internal communication system through a malicious file sent to a finance department employee. The targeted attack ultimately enabled the fraudsters to impersonate senior management and convince company officials to transfer large sums of public capital into multiple unverified bank accounts controlled by the threat network.
Registration Begins for FutureCrime Summit 2026, India’s Largest Cybercrime Conference
The Target Contact Hijack Pipeline
The investigation revealed that the fraud was carried out using a carefully planned social engineering operation. The fraudulent asset siphoning operated via a distinct compromise cycle, beginning with digital payload infiltration where the attackers compromised the employee’s mobile device after the victim opened a malware-infected file.
Following this infiltration, the process moved to contact listing manipulation. The hidden threat operators silently altered the contact directory stored on the infected device, swapping the genuine contact numbers of Naresh Gujral with an active phone number entirely managed by the cybercriminals.
The loop concluded with an identity impersonation deployment, under which the fraudsters used messaging platforms while displaying Gujral’s photograph to trick the financial desk into authorizing multiple urgent Real-Time Gross Settlement (RTGS) transactions.
Multi-Layered Money Laundering Infrastructure
Trusting the high-level digital instructions to be genuine, the employee initiated multiple wire transfers between June 12 and June 16. The scheme remained completely undetected until unusually large transactions caught the attention of family members associated with the firm. When the instruction logs were verified directly with Naresh Gujral, it became clear that no such payment requests had been authorized, prompting the company to immediately approach law enforcement agencies.
Authorities examining the financial trail discovered that the money had been routed through a complex, multi-layered banking infrastructure designed to obscure its origin. The stolen funds initially entered four separate primary mule accounts located in different states. Within minutes of reception, the capital was broken up and distributed into more than 40 additional secondary bank accounts to disrupt automated banking tracking flags.
Interstate Raids and Verification Failures
During the investigation, officers traced one of the secondary accounts to an individual named Navneet, a private-sector employee operating from Punjab. Investigators allege that he provided access to his personal bank accounts in exchange for commission payments, allowing approximately ₹5 lakh of the fraudulent proceeds to be layered through his name. Navneet was arrested and is currently undergoing custodial interrogation to identify the handlers who purchased his account access.
Specialized units have launched simultaneous searches across multiple states, including Maharashtra, Telangana, and Andhra Pradesh, where the remaining mule networks are located. A significant breakthrough came when investigators managed to trace and freeze ₹4.28 crore before the funds could be withdrawn via cash kiosks.
Renowned cyber crime expert and former IPS officer Prof. Triveni Singh warned that corporate syndicates are heavily transitioning toward Business Email Compromise (BEC) and WhatsApp identity spoofing tactics. He emphasized that organizations must implement rigid, multi-level payment authorization systems that require independent voice or face verification for urgent fund transfer requests rather than relying solely on text-based smartphone chat logs.
