A serious and well-planned cyber fraud attempt has surfaced in the city, where unknown scammers impersonated the Mumbai City Collector and District Magistrate and sent WhatsApp messages to senior revenue officials, attempting to extract money under the pretext of an “urgent government project.” However, alert officials detected the fraud in time, preventing any financial loss.
How the Scam Worked
According to officials, several revenue department officers received WhatsApp messages in which the profile photo and name of Mumbai City Collector Aanchal Sood Goyal were misused. The messages claimed that there was a technical issue with the banking application and that immediate funds were required for a government project, which would later be refunded.
The messages were crafted in a highly official and urgent tone to create pressure and prompt immediate action from the officers. This made the communication appear like a genuine administrative directive at first glance.
FCRF’s Flagship Cyber Law Certification Returns With a New Four-Week Cohort
Detection and FIR
However, suspicions arose due to the language and circumstances of the messages. The fraudulent message was received on May 16 on a mobile number linked to the disaster management cell of the Collector’s office, which is monitored by a revenue officer posted at the Old Customs House in Fort.
On noticing irregularities, the officer immediately informed the Collector’s personal assistant, who verified the matter directly with the Collector. It was confirmed that no such message had been sent, establishing that the communication was entirely fake.
Following confirmation, the matter was reported to the MRA Marg police station, where an FIR was registered against unidentified persons under charges of cheating and attempt to commit serious offences under the Bharatiya Nyaya Sanhita and the Information Technology Act.
Investigation and Wider Concerns
Police officials stated that the case appears to be a carefully executed social engineering attack, where the identity of a senior bureaucrat was misused to exploit trust within the administrative system. The messages were designed to look authentic and emergency-driven.
Investigating agencies are now tracking the mobile number used in the fraud attempt and examining whether similar messages were sent to other government departments or officials. Preliminary findings suggest that the case may be part of a larger organised cybercrime network operating across multiple institutions.
Officials believe such scams exploit hierarchical trust structures within government systems, where instructions appearing to come from senior authorities are often acted upon without delay or verification.
Cybersecurity experts note that these frauds rely more on psychological manipulation than technical hacking. By copying profile images, names, and communication patterns, scammers attempt to create credibility and pressure targets into acting without proper checks.
Authorities have warned that WhatsApp impersonation scams involving senior officials are increasing rapidly. In many cases, fraudsters gather publicly available information from social media and online sources to build convincing fake identities, making detection more difficult.
Police have directed all departments to strictly verify any financial request received through messaging platforms using official communication channels such as registered phone numbers, official emails, or direct confirmation. Any urgent payment request received via messaging apps must not be acted upon without verification.
The investigation is currently underway, and authorities are trying to identify the individuals behind the fraud and determine the extent of their network. Officials said further technical analysis and digital forensic examination may lead to more significant revelations in the case.
