A fabricated CBI investigation and a fake KYC verification call, deployed within weeks of each other in the same Uttar Pradesh district, show how India's cyber fraud networks continue to exploit both fear of law enforcement and routine banking anxiety with equal effectiveness.

Retired Official Loses ₹44 Lakh to Digital Arrest Scam, Bank Employee Loses ₹7 Lakh to KYC Fraud

The420 Web Correspondent
7 Min Read

Two major cyber fraud cases involving losses exceeding ₹51 lakh have come to light in Mathura district, where fraudsters allegedly used markedly different social engineering tactics to deceive their victims within the same district and, in one case, the same window of days. The larger of the two cases centres on Gopal Prasad, a retired official of Mathura Refinery and a resident of Chandralok Colony. On March 7, he allegedly received a phone call from a woman identifying herself as a CBI officer, who claimed a criminal investigation had been initiated against him in Bengaluru over suspicious transactions worth ₹3 crore linked to a bank account in Mumbai.

What followed was a sustained campaign of pressure rather than a single deceptive call. Investigators said the fraudsters contacted Prasad repeatedly through WhatsApp calls, with one caller identifying himself as a police inspector and warning that both Prasad and his family members could face serious legal consequences if he failed to cooperate with the supposed investigation. Believing the claims to be genuine and fearing legal action against himself and his family, the retired official allegedly shared his bank account details and OTPs directly with the callers. Police said ₹22 lakh was transferred from his accounts on March 10, followed by another ₹22 lakh on March 13, bringing the total loss to ₹44 lakh. The fraudsters allegedly assured him the money had only been “seized” temporarily as part of the investigation and would be returned once the inquiry concluded, a promise that proved false. When the amount was not returned even after four months, Prasad realised he had been cheated and lodged a complaint with the cybercrime police, leading to an FIR registered on June 28.

A Second Case, A Familiar Trick

The second case, involving Rajbala, a bank employee residing in Dwarikapuri, followed an entirely different script but arrived at a similarly damaging outcome. According to her complaint, she received a call on June 25 from an individual claiming to be a bank representative, who informed her that the KYC on her pension account required immediate updating and persuaded her to share an OTP to complete the process. Shortly after she shared the code, ₹7 lakh was fraudulently withdrawn across her three bank accounts.

That a bank employee herself fell victim to a KYC-based OTP scam is a detail worth sitting with. It underscores how effectively these scripts are engineered around routine, plausible banking interactions rather than relying purely on fear, meaning even individuals professionally familiar with banking procedures remain vulnerable when a call arrives framed as a standard compliance requirement. Investigators in both cases are now examining the bank accounts used to receive the stolen funds, mobile numbers involved, digital devices, call records and financial transaction trails, with police stating that technical evidence and banking records are being analysed to identify and apprehend those responsible.

The Fake CBI Call Is Not an Isolated Script

Prasad’s case fits a pattern that has become disturbingly consistent across India over the past year. In a strikingly similar case from Punjab in December, a 72-year-old retired bank employee in Moga was kept under what investigators described as digital arrest for nearly a year, coerced into transferring ₹43 lakh after fraudsters posing as Customs and CBI officials threatened him with arrest over alleged hawala links, even sending him a forged notarised certificate falsely claiming his money had been verified and cleared. In Delhi, a 75-year-old retired Army captain lost ₹65 lakh over 38 days after fraudsters combined a known-person impersonation with fake international bank credit alerts and a final digital arrest threat.

The consistency across these cases points to a well-tested criminal template rather than isolated opportunism. Nationally, digital arrest scams generated more than 30,000 complaints in 2025 alone, with the Supreme Court estimating countrywide losses near ₹3,000 crore for the year, part of a broader cyber fraud toll that reached an estimated ₹22,495 crore across roughly 28.1 lakh complaints. Retired government officials and bank employees appear repeatedly among the victims of these scripts, a pattern cyber investigators attribute to a combination of institutional trust, unfamiliarity with evolving digital fraud tactics, and a heightened, often paralysing fear of legal consequences among those who spent careers within formal institutional structures.

What Both Cases Reveal About Prevention

Cyber investigators examining both Mathura cases noted that criminals increasingly impersonate officials from government agencies, banks and law enforcement organisations specifically to create fear or urgency, since fabricated investigations, digital arrest threats, KYC verification requests and banking compliance checks have all proven reliably effective at extracting confidential banking credentials and OTPs from otherwise cautious individuals. Police have reiterated the same core guidance that accompanies nearly every such case: never disclose bank account details, OTPs, PINs or passwords over phone calls, messages or social media, regardless of the caller’s claimed identity, and independently verify any claims involving legal action, investigations or banking procedures through official channels before taking financial action.

What distinguishes these two Mathura cases, beyond their combined toll of ₹51 lakh, is how squarely they illustrate the two dominant currents running through India’s cyber fraud landscape: fear-based impersonation of law enforcement, and routine-disguised banking fraud. Both currents continue to succeed for the same underlying reason, victims are given no time to pause, verify, or consult others before acting, which is precisely the space that a five-minute call to the national cybercrime helpline, 1930, is designed to interrupt before money leaves an account rather than after.

Stay Connected