An Agra company allegedly lost ₹1.98 crore after an accountant acted on fake WhatsApp payment instructions resembling the director’s number. Police are tracing the beneficiary account, digital communications and possible organised cybercrime links.

₹1.98 Crore Transferred After Accountant Receives Spoofed WhatsApp Message

The420 Correspondent
4 Min Read

Agra: Cybercriminals allegedly defrauded a private company in Agra of ₹1.98 crore by using WhatsApp spoofing techniques to issue fake payment instructions. The accused allegedly created a WhatsApp identity resembling the mobile number of the company director and sent fraudulent instructions to an accountant, following which a large amount was transferred from the company’s bank account. A case has been registered at the Cyber Crime Police Station on the complaint of company director Santosh Kumar Sharma, and an investigation has been initiated.

According to police, the affected company, SKS Infra Projects Private Limited, reported that the incident took place on July 9, 2026. The company’s accountant, Ram Mohan, allegedly received a WhatsApp message from a number that closely resembled the actual mobile number of director Santosh Kumar Sharma. The message reportedly instructed him to complete an urgent payment on behalf of the company.

Registration Begins for FutureCrime Summit 2026, India’s Largest Cybercrime Conference

Based on the complaint, the accountant believed the WhatsApp communication to be an authentic instruction from the company director and transferred ₹1.98 crore from the company’s ICICI Bank account without additional verification. The amount was allegedly transferred to an account belonging to Mamik Kitchen Private Limited with IndusInd Bank.

The fraud came to light when Santosh Kumar Sharma noticed the large financial transaction and questioned the accountant regarding the payment. The accountant reportedly informed him that the transfer was made based on instructions received through WhatsApp. A subsequent internal verification revealed that no such payment instruction had actually been issued by the company director.

During the preliminary investigation, police suspect that cybercriminals may have used WhatsApp spoofing or other digital manipulation techniques to target the company’s internal payment process. Investigators are examining how the accused obtained information about the director’s mobile number, how the fake WhatsApp identity was created and what methods were used to execute the fraudulent transaction.

The company also reported the incident through the cyber fraud helpline after discovering the transaction, following which a case was registered at the Cyber Crime Police Station. Police are now analysing bank account details, WhatsApp communication records, mobile numbers, IP addresses, digital footprints and other technical evidence to trace the accused.

Investigators are also probing whether the incident was carried out by an organised cybercrime group specialising in corporate payment frauds. Authorities are examining the beneficiary bank account, transaction trail and possible links with other suspicious financial activities to identify the complete network involved in the alleged fraud.

Renowned cybercrime expert and former IPS officer Prof. Triveni Singh said that corporate cyber frauds increasingly involve social engineering, fake identities and manipulation of digital communication platforms to mislead employees. He advised companies to adopt multi-level payment verification systems, confirm high-value transactions through direct communication and strengthen internal financial security protocols. He also cautioned businesses against approving large payments solely on the basis of WhatsApp or email instructions without independent verification.

The investigation is currently underway. Police officials said efforts are being made to identify the accused through banking records, digital evidence and technical analysis. If the involvement of additional individuals or a wider cybercrime network is established during the probe, further legal action will be initiated as per the law.

About the author — Suvedita Nath is a science student with a growing interest in cybercrime and digital safety. She writes on online activity, cyber threats, and technology-driven risks. Her work focuses on clarity, accuracy, and public awareness.

Stay Connected