Shoriful Islam, a 34-year-old man from Assam’s Morigaon district, allegedly exploited identity theft, fake documentation, and systemic loopholes to siphon off crores from India’s financial institutions. His operation, spanning multiple states, mobile numbers, and bank accounts, has laid bare a dangerous weakness in the nation’s financial oversight mechanisms.
The Man Behind the Mask: How One Individual Became Twenty
When authorities began digging into the loan fraud complaint registered under Laharighat PS Case No. 26/2024, they didn’t expect to unravel a nationwide con. At its center was a single man, Shoriful Islam, who, under a slew of aliases—Ashish Gupta, Vishal Gupta, and others—allegedly impersonated over 20 fictitious identities. Using 20 different PAN cards, forged Aadhaar cards, and counterfeit KYC documents, he is accused of securing loans and credit from major non-banking financial companies (NBFCs) and commercial banks.
The fraud wasn’t a single incident—it was a pattern. Using these fabricated identities, Islam reportedly opened multiple accounts at financial institutions, including IDFC First Bank, Equitas Small Finance Bank, Aditya Birla Finance Ltd., and Jio Payments Bank, among others. These accounts acted as vessels to receive, circulate, and withdraw funds from loans and credit cards obtained fraudulently.
A staggering ₹65.25 lakh was siphoned off from Aditya Birla Finance, and ₹1.35 lakh from an Axis Bank credit card, all through this network of deception.
FCRF x CERT-In Roll Out National Cyber Crisis Management Course to Prepare India’s Digital Defenders
The Systemic Breakdown: When KYC Checks Fail
The scam has raised alarming questions about the robustness of India’s Know Your Customer (KYC) protocols. Investigators have seized dozens of counterfeit PAN cards, customer acquisition forms, and bank account opening kits that bore forged signatures and details. Sources close to the investigation revealed that Islam even impersonated salaried professionals and entrepreneurs to meet the credit-worthiness criteria.
The scam went unchecked by digital verification systems. Financial institutions, often under pressure to onboard customers quickly, failed to flag multiple inconsistencies across documents, a lapse that Islam allegedly exploited with accurate precision.
Furthermore, the role of mobile numbers registered to fake identities was critical. These numbers were used to receive OTPs, manage internet banking access, and communicate with financial institutions. Investigators have now traced multiple mobile connections to forged CAFs (Customer Acquisition Forms), linking them directly to the scam.
The case is now being pursued under Sections 419, 420, 468, 471, and 120B of the IPC, along with relevant provisions of the Information Technology Act.
Family Ties and Financial Footprints: The Role of Parbin Sultana
Authorities have also cast their net wider. Shoriful Islam’s wife, Parbin Sultana, has been implicated as a beneficiary of the fraud. Her HDFC Bank account alone saw ₹42,28,761 in credits and ₹39,51,537 in debits, with officials flagging many transactions as proceeds of the fraudulent schemes. Notably, her account reportedly showed a negative balance by the time it was frozen.
The financial forensics unit has frozen a dozen linked accounts, ensuring that no further withdrawals or transfers can occur. Additional cases, such as Moirabari PS Case No. 178/2024, have been lodged as more victims and fraudulent transactions come to light.
A Wake-Up Call to the Financial Sector
The magnitude of the fraud has sent ripples across the financial services industry. Senior officials at Aditya Birla Finance and L&T Finance, speaking on background, admitted that their KYC and risk assessment algorithms had not picked up on the duplicity across loan applications. Cybersecurity experts argue this case exemplifies the urgent need for centralized identity verification systems, especially for high-risk financial products.
With rising digital penetration and increasing online lending, the Shoriful Islam case stands as a cautionary tale for the fintech revolution in India. It underscores the need for inter-bank coordination, stronger biometric cross-verification, and real-time fraud detection algorithms to prevent similar breaches in future.
The case is now under the supervision of state cybercrime and financial fraud units. Authorities have recommended prosecution under both the BNS and the IT Act provisions. More arrests are expected in connection with the network of enablers, those who may have supplied forged documents, phone numbers, and fake address proofs.
For now, Shoriful Islam remains in custody, his empire of fake identities dismantled, but his case leaves behind an urgent call for reform in India’s financial infrastructure, where one man exploited its blind spots with chilling efficiency.
About the author – Prakriti Jha is a student at National Forensic Sciences University, Gandhinagar, currently pursuing B.Sc. LL.B (Hons.) with a keen interest in the intersection of law and data science. She is passionate about exploring how legal frameworks adapt to the evolving challenges of technology and justice.