Biotech firm finance manager duped of ₹27.70 Lakh in fake MIDC water supply scam

The finance manager of a biotech firm in Navi Mumbai was allegedly cheated of ₹27.70 lakh after falling victim to an online fraud involving a fake Maharashtra Industrial Development Corporation (MIDC) water supply link , police said on Sunday.

According to officials from Turbhe police station, the incident occurred on January 8. The victim received a WhatsApp message containing a link, followed by a phone call from a person posing as an MIDC official. The caller warned that the company’s water supply would be disconnected if certain details were not immediately updated.

Believing the communication to be genuine, the finance manager clicked on the link. Within the next two hours , a total of 14 unauthorised transactions were carried out, leading to withdrawals of ₹26 lakh and ₹1.70 lakh from the firm’s current bank account , a police official said.

While the name of the company and the bank involved have not been disclosed, police said the victim acted swiftly by freezing the account and lodging a complaint through the national cybercrime helpline.

Though investigators did not elaborate on technical details, police said the fraud bore the hallmarks of a phishing-based cybercrime , where malicious links are used to either capture banking credentials, extract OTPs, or enable unauthorised access to accounts.

A case has been registered against unknown persons under relevant provisions of the Bharatiya Nyaya Sanhita (BNS) including Section 318 (cheating) and Section 319 (cheating by personation) as well as under Sections 66C (identity theft) and 66D (cheating by personation using computer resources) of the Information Technology Act, Turbhe police station inspector Abasaheb Patil said.

Police said the recovery status of the defrauded amount is not yet known , adding that investigations are underway to trace the money trail and identify those involved.

Issuing an advisory, police cautioned businesses and individuals against responding to utility-related messages or links received via WhatsApp or phone calls, noting that government departments do not seek sensitive updates through such channels. They also stressed that utility services are not disconnected without formal notice through official platforms.

Authorities urged companies to verify all service-related communications through official websites or offices , limit access to corporate banking accounts, enable transaction alerts, and sensitise employees to cyber fraud tactics.

Anyone facing suspected cyber fraud has been advised to immediately freeze accounts , report the incident via 1930 or cybercrime.gov.in , and register an FIR without delay.