Pune IT Firm Loses ₹6.49 Cr in Email Fraud
A recent cybercrime incident in Pune has brought to light just how well-executed email fraud can be — especially when it involves high-stakes corporate transactions.
On March 27, the director of a prominent molecular IT firm in Pune was defrauded of a staggering ₹6.49 crore in what cyber experts are classifying as a classic Man-in-the-Middle (MiTM) cyberattack. According to cyber police officials, the 39-year-old director was working from home when he received an email from a business partner.
The email appeared routine. Trusting the familiarity of the name and tone, he went ahead and processed the transaction. But the attackers had carefully embedded themselves between the communication of the two companies. They had changed one letter in the other company’s email address and its bank account number, and the victim failed to spot both changes, cyber police said. After authorizing the transaction, the director followed up with the partner company—only to discover that they had never received the funds.
This incident highlights common vulnerabilities in email-based communication workflows and the importance of verifying payment instructions through secondary channels. It also demonstrates how minor discrepancies in digital correspondence can lead to major financial losses. Unlike conventional phishing attacks, BEC and MiTM threats often use no malware and bypass most perimeter defences.
At Logix, we work with enterprises to secure email infrastructure, implement Zero Trust principles, and build a layered defence strategy against evolving threats like BEC and MiTM. For organizations handling high-value transactions via email, revisiting your security posture is not optional—it’s critical.
