Lakhs Lost in Business Email Compromise Scam After ‘.com’ Was Changed to ‘.cam’

The420.in Staff
4 Min Read

Cybercriminals allegedly cheated an engineering company out of ₹10.45 lakh in a sophisticated Business Email Compromise (BEC) scam by making a minor change to the supplier’s email domain. The fraudsters replaced “.com” with “.cam” in the supplier’s email address, deceiving the company into transferring payment to a bank account in Dubai. The fraud came to light only after the genuine supplier informed the company that it had never received the payment. Police have registered a case and launched a technical investigation.

According to investigators, the victim company, located on Handewadi Road in Pune’s Kalepadal area, manufactures polymer products and regularly imports its primary raw material from a supplier based in China. Purchase orders, invoices, and payment-related communications between the two companies were routinely exchanged through email.

The investigation revealed that the fraudsters created an email address that closely resembled the supplier’s legitimate email account by changing only the domain extension from “.com” to “.cam”. Because the difference was barely noticeable, the email appeared authentic, and the company’s accounts department failed to detect the alteration.

India’s Largest Cybercrime Conference Nears: FutureCrime Summit 2026 Set for 6–7 August at Bharat Mandapam

In the fraudulent email, the scammers claimed that the supplier’s regular bank account was undergoing an audit and instructed the company to transfer the payment for the latest order to an alternative bank account in Dubai. The email closely matched previous business correspondence in its language, formatting, and presentation, leaving the company’s 25-year-old accounts executive with no immediate reason to question its authenticity.

Trusting the instructions contained in the email, the employee transferred ₹10.45 lakh to the specified bank account without carrying out any independent verification. Several weeks later, the legitimate Chinese supplier contacted the company to ask why payment for the shipment had not yet been received. When the Pune-based company informed the supplier that the money had already been transferred to the Dubai account, the supplier denied sending any such email or requesting a change in banking details. It was then that the company realised it had become the victim of a cyber fraud.

Following the complaint, Kalepadal Police registered a First Information Report (FIR) and initiated an investigation. Authorities are examining email headers, IP logs, domain registration records, banking transactions, and other digital evidence to identify those responsible. Investigators are also attempting to trace the movement of the stolen funds and determine whether the fraud was carried out by an organised international cybercrime network.

According to a Researcher at Algoritha Security, Business Email Compromise (BEC) attacks are among the most financially damaging cyber threats faced by businesses worldwide. In such attacks, criminals make subtle changes to legitimate email addresses or domains to deceive employees into authorising fraudulent payments or disclosing sensitive financial information. Independently verifying any request involving changes to bank account details remains one of the most effective ways to prevent such fraud.

Cybersecurity experts advise organisations to adopt multi-layer verification procedures for all payment-related communications. Any request to modify banking details should always be confirmed directly with the supplier through verified contact information rather than relying solely on email. Businesses are also encouraged to deploy advanced email security solutions, enable multi-factor authentication, and conduct regular cybersecurity awareness training for employees to reduce the risk of Business Email Compromise attacks.

Police are continuing to trace the accused through digital evidence, banking records, and technical analysis. Further legal action will be taken based on the findings of the ongoing investigation.

Stay Connected