96 Suspected Mule Accounts Found at a Single Delhi Bank Branch; Cyber Hawk Operation Uncovers Cyber Fraud

The420.in Staff
6 Min Read

Delhi Police has uncovered 96 suspected mule bank accounts linked to a single private bank branch in Northeast Delhi during its special Cyber Hawk operation, exposing what investigators believe is part of a larger organised cyber fraud and money laundering network. Police suspect the accounts were used to route proceeds from cyber financial fraud through multiple banking channels before transferring the funds to hawala operators and cryptocurrency wallets.

One of the accounts identified during the investigation belonged to a 30-year-old unemployed resident of Northeast Delhi. According to police, he met a man identifying himself as “Shiva” while visiting his uncle, who was undergoing treatment for tuberculosis at GTB Hospital, in March 2026. Claiming that his mother was seriously ill and that he urgently needed cash but could not withdraw money from his own account, the man allegedly persuaded the victim to allow his bank account to be used.

Delhi Police’s Cyber Hawk operation uncovers 96 suspected mule accounts at a single private bank branch used for cyber fraud and hawala laundering.

Registration Begins for FutureCrime Summit 2026, India’s Largest Cybercrime Conference

Investigators said approximately ₹30,000 was first transferred into the man’s account. He allegedly withdrew ₹25,000 from an ATM, handed it over to the suspect, and added another ₹5,000 from his own pocket. Two days later, the suspect contacted him again, claiming another ₹24,000 had mistakenly been transferred into the account. The man later handed over that amount as well. Police allege he received approximately ₹2,500 as commission for permitting the transactions, although he stated during questioning that he was unaware the money was linked to cyber fraud.

Several weeks later, the man’s bank account was frozen after investigators linked it to two cyber fraud complaints registered outside Delhi involving transfers of ₹30,000 and ₹24,000. Following legal formalities, he was released, while the investigation into the network continues.

According to Delhi Police, cyber financial fraud generally operates in two stages. In the first stage, victims are deceived into transferring money through various online scams. In the second, the stolen funds are routed through mule accounts before being laundered via hawala channels and cryptocurrency transactions. Investigators said facilitators often recruit unemployed youth, daily wage labourers, and financially distressed individuals by offering commissions in exchange for access to their bank accounts, SIM cards, or digital banking credentials. In some instances, account holders are falsely told the transactions relate to legitimate online gaming or investment activities.

Using complaint data from the National Cyber Crime Reporting Portal (NCRP), transaction analysis, and digital intelligence, investigators identified 96 suspected mule accounts connected to the private bank branch. The probe further revealed that the digital credentials used to access one of the accounts originated from Tamil Nadu. Police teams subsequently traced additional linked bank accounts that were allegedly opened using forged Aadhaar cards and fake identity documents. A criminal case has been registered under the relevant provisions of the Bharatiya Nyaya Sanhita (BNS), and further investigation is underway.

The unusually high concentration of suspected mule accounts within a single branch prompted investigators to examine the bank’s online account-opening process. Police are investigating whether any bank employee knowingly facilitated the account openings, whether weaknesses in the online onboarding system compromised customer verification, or whether forged Know Your Customer (KYC) documents bypassed existing safeguards. However, investigators said no evidence has so far emerged establishing the involvement of any bank official. Police have nevertheless recommended that the bank strengthen its online account-opening procedures and introduce mandatory physical verification of customers.

Investigators have not yet identified or traced the individual who introduced himself as “Shiva.” According to police, the mobile number used during the transactions was allegedly obtained using forged identity documents. Authorities are continuing efforts to trace the chain of transactions and determine whether the funds ultimately reached hawala operators, cryptocurrency wallets, or interstate cybercrime syndicates.

Renowned cybercrime expert and former IPS officer Prof. Triveni Singh said mule accounts have become one of the most critical components of organised cyber financial crime. He noted that criminals frequently exploit unemployed and financially vulnerable individuals by offering small commissions in exchange for access to their bank accounts, SIM cards, and digital banking credentials. Once control is obtained, stolen money is layered through multiple accounts to conceal its origin. He added that stronger KYC verification, real-time monitoring of suspicious transactions, greater public awareness, and faster intelligence sharing between banks and law enforcement agencies are essential to effectively dismantle such networks.

The investigation remains ongoing. Authorities said the final conclusions regarding the alleged cyber fraud and money laundering network will depend on the examination of digital evidence, banking records, financial analysis, and the outcome of the legal proceedings.

Stay Connected