Latest news with #Mohammedwadi-based
Time of India
25-04-2025
- Business
- Time of India
What is the Man-in-the-Middle cyber attack that cost a Pune businessman Rs 6.49 crore?
In what is believed to be Pune's biggest cyber fraud case to date, a cyber city-based businessman has lost Rs 6.49 crore in a sophisticated 'Man-in-the-Middle' ( MitM ) cyberattack. #Pahalgam Terrorist Attack Pakistan suspends Simla pact: What it means & who's affected What is India's defence muscle if it ever has to attack? Can Pakistan afford a full-scale war with India? The victim, a 39-year-old director of a Mohammedwadi-based firm involved in IT services and dry fruit imports, was duped on March 27 after he received what appeared to be a routine payment request from a known business associate. What is a Man-in-the-Middle (MitM) Attack? A MitM attack occurs when a cybercriminal secretly intercepts and possibly alters the communication between two parties who believe they are communicating directly with each other. This type of attack can lead to data theft, impersonation, or financial fraud . GIF89a����!�,D; 5 5 Next Stay Playback speed 1x Normal Back 0.25x 0.5x 1x Normal 1.5x 2x 5 5 / Skip Ads by by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Play War Thunder now for free War Thunder Play Now Undo How the Fraud Unfolded According to cyber police, the director was at his residence in the NIBM Road area when he received an email on his company's official ID, allegedly from a U.S.-based dry fruit exporter with whom he had regular dealings. The email requested a payment of nearly Rs 6.5 crore, which the businessman assumed was for a recent almond consignment. Believing the request was legitimate, he instructed his bank to process the payment. The bank even contacted him for confirmation, which he gave without hesitation. The amount was transferred across five transactions. Live Events However, upon later contacting the U.S. exporter, the businessman was informed that no such payment had been received. A closer examination of the original email revealed that cybercriminals had made two subtle but crucial changes: one letter was altered in the sender's email address, and the bank account number had been modified. 'The victim didn't notice these changes,' said Senior Inspector Swapnali Shinde of the Cyber Police. 'The email looked authentic, and the account details showed only the first few characters of the company's name—enough to fool someone who regularly deals with them.' Shinde added that the firm has two operational divisions—one for IT services and another for importing dry fruits from countries like the U.S. and those in the Middle East. The businessman realized he had been defrauded only on April 17. He then lodged a formal complaint with the city's cyber police on April 23. Ongoing Investigation 'We're currently tracing the accounts to which the money was transferred,' said Shinde. 'The funds were split and moved to multiple bank accounts. Around Rs 3 crore has not yet reached the final recipients. We're doing our best to recover the remaining amount.' Cyber police are urging businesses to double-check email addresses and bank account details before making large transactions, especially when initiated via email.
Time of India
24-04-2025
- Business
- Time of India
Pune company loses Rs 6.5 crore to Man-in-the-Middle cyber attack
Pune: Police fear it may be one of the biggest cases of cyber fraud to ever strike Pune. The director of a Mohammedwadi-based firm, involved in IT services and imports of dry fruits, ended up transferring Rs 6.49 crore to crooks in a Man-in-the-Middle (MitM) cyber attack on March 27. MitM is a type of cyber fraud in which an attacker intercepts and relays communication between two parties, making it appear as if they are communicating directly with each other. The attacker can eavesdrop on the conversation, steal sensitive data, or even impersonate one of the parties. According to the police, the 39-year-old company director was at his home in the NIBM Road area when he received an email on the company ID from another firm he did business with about a payment request. He then initiated the transaction believing the email request was legitimate and even told the bank to clear the payment. But later, when he contacted officials of the other firm, they denied receiving the amount. The company director then checked the email he had received and discovered fraudsters had made two slight alterations - they had changed one letter in the other company's email address and its bank account number. The victim failed to spot both changes, cyber police said. Senior inspector Swapnali Shinde of Cyber Police told TOI the company was set up a few years ago. She said: "It has two divisions, one for IT services and another for importing dry fruits. The company director would import the dry fruits from different countries, including the United States and those in the Middle-East. On March 27, he received a payment request from an exporter of dry fruits based in the US. The email demanded payment of nearly Rs 6.5 crore. The victim, thinking it was for the almonds he'd recently imported, initiated the transaction." Shinde said by the time the company director discovered the changes in the US exporter's email ID and bank account details, it was April 17. On April 23 (Wednesday), he filed an FIR with city cyber police. "Officials from his bank called him to verify the transaction, but he told them to proceed. The amount was across in five transactions," Shinde said, adding that the online ledger of the other company had only the first few letters of its name and the account number. "The victim did not realise that the account number of the company, with whom he had regular business with, was changed. He just clicked on the button and initiated the transactions," Shinde said. Investigators said they were now analysing the accounts the money went to. "The cash went to several accounts. We're still trying to establish a trail. As of now we can say that about Rs 3 crore is yet to reach the suspects. We will try our best to salvage the money," Shinde said.
