India’s cyber-fraud landscape is undergoing a significant geographical shift. Mule accounts commonly associated with notorious fraud hubs such as Jamtara in Jharkhand and Nuh in Haryana are now emerging in large numbers across quieter, less-monitored regions of Madhya Pradesh, Karnataka and Assam.
A recent multi-agency review meeting revealed a sharp rise in such accounts in Katni and Shajapur (Madhya Pradesh), Kalaburagi (Karnataka), and several districts in Assam. The trend signals that sustained regulatory pressure and heightened law-enforcement action in traditional hotspots are forcing criminal networks to relocate to new, low-surveillance pockets.
Mule accounts bank accounts misused to circulate illicit funds while disguising the identity of the actual perpetrators have now become a core operational tool in the broader cybercrime ecosystem.
8.5 lakh accounts frozen: the largest crackdown so far
The scale of enforcement is unprecedented. Banking authorities confirm that nearly 8.5 lakh mule accounts, spread across 700 branches nationwide, have been frozen as part of an aggressive, coordinated drive. This is being regarded as one of the most comprehensive actions taken against cyber-enabled financial crime, reflecting the vast footprint of such illicit networks.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
Fraudsters embrace new routes: gaming platforms and weak-KYC channels
Fraud-monitoring teams note that cybercriminals are constantly adapting both methodology and movement. A notable shift is the rapid use of online gaming platforms and in-game purchase mechanisms to move money across borders while concealing transactional trails.
Criminals are also targeting digital channels or bank branches where KYC protocols remain relatively weak. The moment a loophole is plugged, fraudsters switch to a new institution, region or platform whether a small rural branch or a lightly monitored digital banking interface.
RBI strengthens surveillance and real-time data integration
Addressing the VKRV Rao Memorial Lecture at the Delhi School of Economics, RBI Governor Sanjay Malhotra emphasised that the central bank is reinforcing the financial system’s security architecture in response to evolving fraud patterns.
The RBI is expanding data-sharing collaboration with the Indian Cybercrime Coordination Centre (I4C). In parallel, banks are being integrated with real-time datasets from the NPCI and the National Crime Reporting Portal (NCRP). This linkage is designed to help detect suspicious transactions and high-risk accounts with greater accuracy and speed.
KYC anomalies reveal emerging fraud zones
Fraud-analytics companies highlight that unusual spikes in KYC rejections often serve as early warning signals of forthcoming fraud clusters. Rajit Bhattacharya, cofounder of the Mumbai-based analytics firm Datasutram, notes that rural and semi-urban branches are often targeted because their KYC scrutiny tends to be less stringent.
According to Ashok Hariharan, CEO of identity-verification platform Idfy, the company’s systems detected a steep rise in fake or faulty KYC submissions in districts such as Katni and Shajapur as early as late 2024. By 2025, similar patterns had spread to Vidisha, Rewa and Kalaburagi, indicating the gradual expansion of coordinated crime networks.
AI steps in: 20,000 mule accounts identified monthly
To enhance early detection, the RBI has deployed ‘Mule Hunter’, an AI-driven tool developed by the Reserve Bank Innovation Hub. Its CEO Sahil Kini stated that the system is currently identifying nearly 20,000 mule accounts every month, significantly strengthening the fight against digital financial crime.
