₹209 Crore Transnational Cyber Investment Fraud Exposed in Multi-State Investigation

Indian authorities have uncovered a sophisticated transnational cyber investment fraud scheme that has defrauded victims of more than ₹209 crore (£19 million), with investigators warning the total losses could exceed ₹400 crore as the full scope of the operation emerges. The investigation, led by Jammu and Kashmir Police, has revealed how organized criminals exploited hundreds of bank accounts across multiple states to launder money through a complex web of fake investment platforms.

The fraud centred on convincing victims across India to invest in lucrative online trading schemes through websites including paisavault.com, which promised extraordinary returns on cryptocurrency and other digital investments. Once deposited, victims' funds were rapidly transferred through multiple accounts before being moved outside India's borders, creating a deliberately opaque financial trail designed to evade detection.

Background and Context

The case came to light after a resident from Ganderbal district reported being cheated through an online investment platform, leading Police Station Ganderbal to register FIR No. 08/2026 under sections of the Bharatiya Nyaya Sanhita (BNS) and Information Technology Act. Senior Superintendent of Police Khalil Ahmad Poswal established a Special Investigation Team comprising cybercrime experts to unravel the operation.

According to investigators, the fraudsters employed classic investment scam tactics combined with sophisticated money laundering techniques. The fake platforms were aggressively marketed through social media and search engines, targeting victims seeking high-yield investment opportunities during a period of increased digital financial activity across India.

Key Figures and Entities

Police have identified the alleged mastermind as Ekant Yogdutt, who operated under the alias "Dr. Morphine" and maintained connections with Chinese nationals. Records show Yogdutt acquired expertise in cyber fraud techniques while studying medicine in the Philippines before allegedly coordinating the operation at national and international levels.

The investigation has revealed a hierarchical structure with local operatives in Kashmir functioning as regional heads and account mobilisers. According to SSP Poswal, these operatives specifically targeted below-poverty-line (BPL) account holders, offering monthly payments of ₹8,000-10,000 in exchange for temporary access to their bank accounts, ATM cards, and credentials.

The probe has also uncovered alleged involvement of certain bank employees who reportedly provided QR codes linked to the compromised accounts, enabling seamless collection of funds from victims through the fraudulent investment websites.

Legal and Financial Mechanisms

The operation relied on a sophisticated money laundering network that moved funds through numerous bank accounts across districts including Budgam, Srinagar, Ganderbal, and Baramulla. Investigators have identified 835 bank accounts connected to the scheme, with 290 accounts verified so far showing deposits totaling ₹209 crore from investors nationwide.

To maintain operations despite scrutiny, the fraudsters utilized Telegram channels to circulate fresh QR codes whenever suspicious accounts were frozen by cybercrime units. This system allowed the fraudulent operation to continue uninterrupted by quickly activating new accounts and uploading replacement payment codes.

The layered movement of money through multiple jurisdictions was deliberately designed to obscure the financial trail and evade detection by cybercrime monitoring units, investigators said. Funds were rapidly transferred through various accounts before being moved outside Jammu and Kashmir and eventually beyond national borders.

International Implications and Policy Response

The case highlights significant vulnerabilities in India's financial monitoring systems and the growing sophistication of transnational cybercrime operations. The alleged connections to Chinese nationals underscore the increasingly cross-border nature of financial fraud, requiring enhanced international cooperation to effectively combat such schemes.

The operation's exploitation of economically vulnerable account holders raises questions about financial inclusion measures and the need for greater awareness of financial fraud risks among disadvantaged communities. The alleged involvement of banking sector employees also points to potential insider threats requiring more robust internal controls.

Jammu and Kashmir Police have urged citizens to avoid unverified online investment platforms and warned against sharing bank account details for monetary gain. Authorities have directed victims to report cybercrime incidents through the official portal at cybercrime.gov.in or the national helpline 1039 to enable faster intervention.

Sources

This report is based on information released by the Jammu and Kashmir Police regarding FIR No. 08/2026, statements from SSP Ganderbal Khalil Ahmad Poswal, and official investigation findings. Further information was drawn from court records related to the arrest of Ekant Yogdutt at Delhi International Airport and police documentation of the financial investigation.