Unmasking the ₹1.55 Crore Share Market Scam: Chinese Cyber Links, Fake Identities, and a Nationwide Trail

PUNE, JUNE 2025 – In a major breakthrough in cybercrime investigation, the Pimpri-Chinchwad cyber cell has cracked open a sophisticated share market scam worth ₹1.55 crore that targeted an unsuspecting IT professional with false promises of high investment returns. What initially appeared as a local financial fraud has now unveiled chilling links to international cyber syndicates — with Chinese cyber criminals allegedly pulling the strings from behind the scenes.

This case, registered in March 2025, has rapidly evolved into one of the most intriguing cybercrime stories of the year, marked by deceit, impersonation, international collusion, and attempted escape.

The Arrest: How the Cyber Cell Nabbed the Suspects

After months of digital sleuthing, the cybercrime team led by Assistant Inspector Pravin Swami successfully arrested three suspects:

• Shubham Chandrakant Mhanta (25)
• Swapnil Chandulal Baheti (35)
• Prashik Uttam Navghare (26)

All three are residents of Solapur, Maharashtra, and were reportedly trying to flee the country via Nepal when law enforcement intercepted them at Pune Airport. According to police sources, Mhanta and Navghare were caught on Sunday and officially placed under arrest on Monday.

The trio played a coordinated role in duping the victim. While Baheti and Mhanta claimed to be journalists, Navghare allegedly posed as a lawyer, using fake identities to gain the victim’s trust and mask their criminal motives.

How the Scam Unfolded: Anatomy of a Financial Trap

The fraudsters approached the victim — an IT professional — with an enticing investment proposition related to the share market. Lured by the promise of lucrative returns, the victim was gradually coaxed into transferring money into accounts operated by the gang.

What appeared to be a legitimate investment strategy turned into a nightmare when the promised returns never arrived. After realizing the trap, the victim filed a complaint, prompting the Pimpri-Chinchwad police to open a full-fledged cyber investigation.

Further investigation revealed that the scam wasn’t an isolated incident but rather a well-structured operation backed by international actors.

The China Connection: Digital Shadows Beyond Borders

A startling twist emerged when the cyber cell discovered that Shubham Mhanta had direct affiliations with Chinese cyber criminals. According to the police, Mhanta was employed by a Chinese-based entity involved in facilitating fraudulent transactions by handling OTP forwarding systems — a tactic increasingly used by cybercriminals to bypass two-factor authentication and access financial accounts illegally.

Mhanta’s job was to intercept and forward OTPs (One-Time Passwords) received during financial operations — a task that played a critical role in draining the victim’s bank accounts.

This OTP-forwarding module is part of a growing global scam infrastructure, often executed via Telegram bots, spoofed applications, and remote access trojans (RATs) that allow cybercriminals to operate across borders with virtual impunity.

Role of the Bank Account Holder: A Pawn or a Partner?

The investigation also led police to Amit Ashok Ekbote, another resident of Solapur, in whose bank account the defrauded ₹1.55 crore was traced. During interrogation, Ekbote insisted that he was unaware of the fraudulent nature of the transactions and claimed that the accused had misused his account under the pretext of online gaming business.

While the police are still verifying the authenticity of Ekbote’s claims, it has become increasingly common for cybercriminals to either coerce or deceive individuals into lending their bank accounts for illicit transactions, a tactic known as money mule operations.

Fake Careers, Real Crimes: Pretending to Be Journalists and a Lawyer

The three accused crafted their personas carefully — posing as journalists and a lawyer — giving them an air of legitimacy and trustworthiness that was key to executing the scam.

“We are currently verifying their claims of being journalists and a lawyer,” said Assistant Inspector Pravin Swami, indicating that background checks and document verification are underway.

The impersonation of legal and media professionals shows the extent to which cybercriminals are willing to go to gain psychological control over victims. It also raises concerns about how easy it is to forge professional identities in the digital age.

Scam Expansion: Could There Be More Victims?

Although only one victim has come forward so far, investigators believe that the magnitude and complexity of the operation suggests there could be multiple victims, potentially from across different Indian states.

The police are now working with the Cyber Crime Investigation Bureau (CCIB) and other national cyber agencies to trace the digital footprint of the accused, map out all financial trails, and determine the extent of damage caused.

Mobile phones, laptops, and SIM cards seized during the arrest are currently undergoing forensic analysis, and any connection to larger dark web marketplaces or cybercrime forums will be pursued.

A Wake-Up Call for India’s Cybersecurity Infrastructure

The case serves as a stark reminder of the vulnerabilities in India’s cyber landscape. With an increasing number of citizens investing online — from stock trading to cryptocurrency — the need for robust cybersecurity awareness and regulatory oversight has never been greater.

Cybercriminals are no longer confined to phishing emails or ransomware attacks; they are now impersonating professionals, engineering trust-based manipulation, and using foreign infrastructure to operate seamlessly.

India has witnessed a surge in such scams in recent years, many of which involve actors based in China, Nigeria, and Eastern Europe. The absence of extradition treaties and jurisdictional barriers makes these criminals harder to prosecute.

Legal Consequences and Next Steps

All three accused are currently in police custody and will be produced before a magistrate for remand and further questioning. Charges under sections of the Indian Penal Code (IPC) related to cheating, criminal conspiracy, and cyber fraud, along with provisions of the Information Technology (IT) Act, are expected to be filed.

The authorities are also considering invoking sections related to organized crime, which could increase the severity of punishment if convicted.

Investigators are coordinating with the Ministry of External Affairs and Interpol to understand whether Chinese nationals directly orchestrated or supported the backend infrastructure used in this scam.

Cyber Safety Tips for Investors and Citizens

In light of this alarming incident, here are some key recommendations for citizens:

• Avoid investment offers from unknown or unverified sources, especially if they promise unusually high returns.
• Double-check the credentials of anyone claiming to be a financial advisor, journalist, or legal consultant.
• Never share OTPs or sensitive financial information, even if the request appears to be from a trusted contact.
• Use multi-factor authentication, strong passwords, and keep your devices updated.
• Report suspicious activities immediately to local cybercrime units or via the National Cyber Crime Reporting Portal (www.cybercrime.gov.in).

Conclusion: An Urgent Call to Action

The ₹1.55 crore share market scam is more than just a case of financial fraud — it’s a shocking revelation of how deep and global cybercrime networks have become. From fake identities and psychological manipulation to cross-border digital operations, this case is a clarion call for every Indian citizen, policymaker, and law enforcement agency.

As we transition into a hyper-connected financial world, our defense against digital fraud must evolve with the same speed and sophistication as those who exploit the system. Only through public awareness, inter-agency collaboration, and international cooperation can we hope to stay one step ahead of the criminals hiding behind screens.