How cyber fraudsters changed domain name of Hyd Aerospace company, diverted Rs 2.30 Cr

Hyderabad: In what can be called a sophisticated crime, cyber fraudsters this time went a step further and diverted Rs. 2.30 crores of a Hyderabad-based aerospace MNC to an overseas bank.

The Rachakonda police received a complaint from the deputy general manager of the company who said they had a contract with a foreign manufacturing unit. The supply chain team of his firm interacted with the vendor on a regular basis and the latter corresponded through emails under the domain "tfcmfg.com." The Hyderabad firm responded through their secured domain.

However, on 11 June 2022, some unknown fraudsters sent several emails to the city firm with a fraudulent domain "tfcmfq.com." It was very similar to the original domain and only a letter had been changed. Due to the similarity in the domain names, the employees of the MNC could not identify that the emails were sent from a different account.

What was the fraud?

Most importantly, these emails appeared as part of the same chain of emails. The fraudster then sent mails saying the bank accounts where payments were being made are being closed and that instructions would be given for future payments.

During their regular interactions through emails, employees of the Hyderabad MNC were provided different account numbers and were asked to transfer money to these accounts. The company's representatives transferred US$ 289,721.97 (approx. Rs. 2.30 crores) to the bank accounts provided by the fraudster.

Later, the firm came to know from their original vendor that they had also received mails from the same fraudsters through the fake domain. Then the firm realised that they had been duped.

The Rachakonda police have registered a case under various sections of the IPC and the IT Act. The investigating officer, R. Venkatesh, found that the amount was processed from the firm's account to overseas banks through a payment gateway. Then police team tried to get the amounts refunded to the firm.