Last month, the Indian Cybercrime Coordination Center (MHA) warned against illegal payment gateways created using mule bank accounts by transnational cybercriminal syndicates involved in money laundering. Raids across Gujarat (FIR 0113/2024) and Andhra Pradesh (FIR 310/2024) uncovered that criminal networks use mule and rented accounts to facilitate illegal digital payment gateways.
Investigations revealed that current and savings accounts—belonging to shell companies or unsuspecting individuals—are targeted through social media, primarily on Telegram and Facebook. These mule accounts are remotely controlled, with payment gateways established to channel illicit funds from fraudulent platforms such as fake investment scams, offshore gambling sites, and counterfeit stock trading apps. The stolen money is quickly laundered through multiple layers of transactions, often taking advantage of bulk payout facilities provided by banks. Payment gateways like PeacePay, RTX Pay, and PoccoPay have been identified as key tools in these operations.
In response, the Tehelka team launched an undercover investigation to expose how cybercriminals hack personal bank accounts, target gaming platforms, and use borrowed accounts to conceal their activities. The investigation revealed serious flaws in banking security. The cover story, “Banking on Hacks,” details how cybercriminals now purchase dormant bank accounts to facilitate money laundering, creating new challenges for law enforcement.
The investigation also highlights the disturbing collaboration between cybercriminals and corrupt bankers, who provide sensitive customer details—including ATM PINs, IFSC codes, and account numbers—to facilitate these schemes. A recent case involving the duping of Padma Bhushan awardee and Vardhman Group owner for Rs 7 crore shows how deep this conspiracy runs. Arrests in Guwahati and West Bengal confirm that the criminals have a nationwide reach.
Tehelka’s findings reveal how fraudsters entice ordinary citizens to open accounts or offer access to existing ones in exchange for incentives, allowing the movement of stolen funds. These accounts not only serve as conduits for money laundering but also risk being used in terrorist financing, posing a significant national security threat.
With digital payments becoming more pervasive, the risk of cybercrime grows. The MHA’s advice is clear: citizens must not sell or rent their bank accounts, company registration certificates, or Udyam Aadhaar certificates. Illicit funds in such accounts can lead to serious legal consequences, including arrest. The stakes are high—not just for individuals, but for national security. We must act together to protect our financial systems from exploitation.
