The Cyber Centre of Excellence under the CID Crime branch of the Gujarat Police has dismantled a sophisticated inter-state cyber-fraud syndicate, detaining five key operators for orchestrating a ₹2.30 crore investment scam targeting a Surat-based businessman. The enforcement action, executed under the specialized initiative ‘Operation Mule Hunt 2.0,’ has uncovered a vast network of illicit transactions, highlighting a growing trend of cross-border financial manipulation.
A forensic dive into the digital footprint of the primary corporate mule account utilized by the fraudsters revealed its direct involvement in at least 31 distinct cyber-fraud complaints spanning multiple Indian states. Investigators have established that this single pipeline alone was leveraged to siphon an estimated total of ₹15.31 crore from victims across the country, underscoring the industrial scale of modern mule-account operations.
The Mechanism of the Forex Seduction
The fraudulent operation began when the syndicate established initial contact with the Surat businessman via a specialized social application named ‘Dilsafar.’ Utilizing a fictitious profile operating under the alias ‘Jigyasha Kapoor,’ the operators spent weeks systematically building a rapport with the victim. Once baseline trust was established, the perpetrators introduced the businessman to a fraudulent, simulated web interface designed to mimic ‘RoboForex’—a legitimate international trading platform—under the guise of providing exclusive, high-yield insider trading tips.
To solidify their psychological hold and ensure financial compliance, the syndicate deployed a classic investment scam tactic: manufactured initial returns. The businessman was guided to execute a preliminary test investment of ₹50,000, which the platform’s backend algorithm quickly manipulated to display a massive, simulated profit margin. Convinced of the platform’s legitimacy and the accuracy of the group’s market tips, the victim was subsequently induced to transfer a compounding series of deposits totaling ₹2.30 crore into several designated bank accounts before the syndicate severed communication channels and blocked access to the funds.
The Anatomy of the Mule Supply Chain
As cyber investigators retraced the transaction pathways, they isolated a commercial bank account registered to a corporate entity named ‘R P Chemicals.’ The firm, situated in Anand, Gujarat, was formally owned by an individual identified as Raj Padsala. Following a targeted raid and Padsala’s subsequent arrest, interrogation sessions revealed a highly structured, commission-based supply chain designed to obscure ownership. Padsala had knowingly handed over his entire corporate banking kit, including active net-banking credentials and debit cards, to a co-conspirator named Yagnik Ramani in exchange for a fixed financial cut.
The logistics of the banking hardware did not stop within domestic borders. The investigation team, led by Superintendent of Police Rajdeepsinh Jhala, discovered that the corporate kit traveled through a multi-layered chain of regional middlemen—identified as Ashok Yagnik, Laxman Vaghela, Jaydeep Ardesana, and Sagar Gokani, all operating out of Rajkot—before being physically and digitally routed to an external handler known as ‘Sarfaraz,’ positioned in Nepal.
The Emergence of the Transnational Nepal Node
The formal mapping of this network marks a critical milestone for regional cyber-forensics. According to Superintendent of Police Rajdeepsinh Jhala, this case represents the first documented instance where a distinct operational node in Nepal has been directly tied to the systemic management and exploitation of domestic Indian corporate mule accounts. The presence of international handlers indicates an evolutionary leap in how localized financial syndicates are insulating themselves from immediate tracking by local law enforcement.
By basing the final layer of transaction authorization and cash routing within Nepal, the masterminds effectively created a regulatory and jurisdictional buffer. The National Cyber Crime Reporting Portal (NCCRP) data pulled by the CID Crime unit confirms that this tactical insulation allowed the ‘R P Chemicals’ pipeline to remain actively operational across multiple overlapping fraud campaigns before being flagged. While the initial five operators remain in custody, multi-agency coordinates are currently being mobilized to track down the remaining fugitives and map out the broader transnational banking architecture used by the syndicate.
