Pune Real Estate Firm Defrauded of Rs 1.95 Crore in Elaborate Whale Phishing Scheme
In a sophisticated cyber attack that highlights the growing threat of targeted online fraud, a prominent real estate firm in Pune has suffered a significant financial loss of Rs 1.95 crore. The incident, classified as a whale phishing or spear phishing attack, unfolded over two days and involved cyber criminals impersonating a senior partner of the company to deceive a trusted employee.
How the Whale Phishing Attack Unfolded
The cyber fraud began on January 28, 2026, when a senior account manager at the Kothrud-headquartered real estate firm received a WhatsApp message from a number displaying the profile picture of one of the firm's partners. The message, which appeared authentic, simply asked, "Have you reached the office?" After the manager confirmed his presence, the sender, posing as the partner, instructed him to transfer Rs 95 lakh to a specified bank account for an ongoing project in Kothrud.
Believing the request to be legitimate due to the specific reference to the Kothrud project, the account manager complied and transferred the substantial amount. Investigations later revealed that this account was a mule account registered in Karnataka, commonly used by fraudsters to launder illicit funds.
Escalation of the Fraudulent Scheme
Just a few hours after the initial transfer, the impersonator contacted the complainant again, this time demanding an additional Rs one crore to be sent to another account. When the account manager raised concerns about Tax Deducted at Source (TDS), the fraudster assured him that this aspect would be handled separately. Convinced by the seemingly professional response, the manager authorized the second transfer, bringing the total loss to Rs 1.95 crore within a single day.
The scam took a more alarming turn when the cyber criminal attempted to extract an even larger sum of Rs 1.9 crore. Fortunately, at this stage, the account manager decided to verify the instructions directly with the actual partner via landline. This crucial step revealed the horrifying truth: no such transfer requests had been made by the legitimate partner.
Police Investigation and FIR Registration
Upon realizing the deception, the company immediately approached the Cyber Crime Police station in Pune city. A First Information Report (FIR) was registered by the 37-year-old senior account manager, detailing the entire sequence of events. Law enforcement officials have launched a comprehensive probe into the phone numbers and bank accounts utilized by the fraudsters, aiming to trace the money trail and identify the perpetrators.
Understanding Whale Phishing Attacks
Whale phishing, also known as spear phishing or CEO scams, represents a highly targeted form of cyber crime where specific individuals within organizations are singled out. These attacks typically focus on top executives or key personnel who handle financial transactions, exploiting their authority and access to company funds. The term "whale phishing" emphasizes the high-value targets involved, making such scams particularly damaging for businesses.
Rising Trend of Whale Phishing in Pune
This incident is not isolated. Since 2022, Pune City and Pimpri Chinchwad police have registered nearly a dozen cases of whale phishing attacks, indicating a worrying trend. Notable previous cases include:
- In 2022, the globally renowned Serum Institute of India, headquartered in Pune, was defrauded of Rs one crore in a similar scam.
- In January 2025, another real estate company in Pune lost a staggering Rs four crore to whale phishing fraudsters.
- In a high-profile arrest, Pune City Police's cyber investigators apprehended Saniya Mustakim Siddique (21) from Faridabad, Haryana, in connection with a Rs 4 crore whale phishing scam. Interestingly, after being arrested and transported on the Duronto Express, she managed to escape at Kota station in Rajasthan before being re-arrested months later in December 2024.
Broader Implications and Institutional Targeting
The threat of whale phishing extends beyond the corporate sector. In a concerning development last year, cyber criminals attempted to target the Centre for Materials for Electronics Technology (C-MET), a crucial research institution under the Union Ministry of Electronics and Information Technology. The fraudsters impersonated the organization's director general and sent deceptive emails to over two dozen scientists, attempting to trick them into transferring money.
This pattern underscores the need for heightened vigilance and robust cybersecurity measures across all sectors, from private enterprises to government institutions. As cyber criminals become increasingly sophisticated in their methods, organizations must prioritize employee training, implement multi-factor authentication, and establish strict verification protocols for financial transactions to mitigate such risks.
