Spoofed Email Costs Chemical Firm Rs 51.8 Lakh — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated Jun 13, 2026

Severity: Medium | View Full Scam Details

Spoofed Email Scam in India 2026: ₹51.8 Lakh Lost by Chemical Firm

Phishing emails that mimic trusted company officials are costing Indian businesses crores in 2026, with a recent chemical firm losing ₹51.8 lakh.

What Is the Spoofed Email Costs Chemical Firm Rs 51.8 Lakh?

In a growing cybercrime trend in India, sophisticated phishing attacks using spoofed emails have caused significant financial losses to companies. One recent incident involves a chemical firm that reportedly lost ₹51.8 lakh after fraudsters impersonated a senior official via email. The scammers sent messages that looked strikingly similar to legitimate company communications, tricking employees into transferring large sums of money.

This kind of scam primarily targets corporate finance teams and suppliers by exploiting publicly available information on websites, social media platforms like LinkedIn, and financial transaction patterns. Such attacks are increasingly widespread in India due to the growing digital footprint of businesses and more reliance on online payments such as UPI and bank transfers.

Indian authorities including the Reserve Bank of India (RBI), CERT-In (Computer Emergency Response Team), and the Indian Cyber Crime Coordination Centre (I4C) have issued advisories warning companies about phishing and business email compromise (BEC) scams. These alerts highlight the urgency for firms to verify payment requests and implement strong email security.

How This Scam Works — Step by Step

Here is how the spoofed email scam unfolds, based on the pattern reported in the ₹51.8 lakh loss case:

1. Research Phase: Fraudsters gather detailed information on the target company, including names, email formats, and job roles from LinkedIn or company websites.
2. Email Domain Spoofing: They create fake email addresses mimicking the company’s domain but with slight, often unnoticeable, variations (e.g., using “.co” instead of “.com”).
3. Crafting the Email: Using information from the research phase, scammers send emails impersonating a senior official or a trusted vendor. These emails usually request urgent payments or changes in bank details for approved transactions.
4. Social Engineering Pressure: The email emphasizes confidentiality and urgency, pressuring recipients to bypass usual verification checks.
5. Funds Transfer: Employees or finance staff, believing the email to be legitimate, transfer money to fraudsters’ accounts.
6. Cover-Up: The scammers often remove traces by using multiple bank accounts and quickly withdrawing or transferring funds.
7. Detection: The victim company discovers the fraud during reconciliation or when payments fail to correspond with genuine invoices.

Real Warning Signs to Watch For

• Emails from company officials that come from slightly altered email domains.
• Requests for urgent payments without prior confirmation or documentation.
• Sudden changes in vendor bank details communicated only through email.
• Emails discouraging recipients from contacting the sender by phone.
• Generic greetings or unusually formal language inconsistent with the company’s usual tone.
• Payment requests that bypass standard approval workflows or lack corresponding invoices.
• Suspicious last-minute instructions or insistence on secrecy.

What Happens to Victims

Victims suffer major financial setbacks as large amounts, such as ₹51.8 lakh or more, can be siphoned off before detection. Industry-specific impacts include operational delays caused by halted transactions or strained supplier relationships.

Emotional distress is also common, as company staff face blame and reputational damage. Since UPI transactions are instant and irreversible, fraud involving UPI IDs or bank transfers often leaves victims with little recourse. Aadhaar misuse or SIM swaps may amplify the problem if scammers gain multi-factor authentication codes.

Restoring stolen funds involves complex legal and banking procedures, further straining victim companies. The impact is particularly severe on growing businesses with limited cybersecurity resources.

What RBI and CERT-In Say

The Reserve Bank of India has highlighted business email compromise fraud in several advisories, reminding companies to authenticate payment instructions using multiple factors like phone verification. RBI’s customer helpline and grievance redressal mechanisms also assist victims.

CERT-In stresses maintaining updated email security protocols such as SPF, DKIM, and DMARC to prevent domain spoofing. It urges organizations to train employees on phishing awareness and report all cyber incidents promptly.

The Indian Cyber Crime Coordination Centre (I4C) operates the 1930 cybercrime helpline, available for reporting frauds including phishing and spoofed email attacks. These official bodies emphasize prevention, detection, and timely reporting as key measures against ever-evolving scams.

How to Protect Yourself

1. Verify Requests: Always confirm payment instructions with a phone call using contact details from a separate source.
2. Scrutinize Email Addresses: Check for subtle variations in sender email domains before trusting messages.
3. Use Email Authentication: Implement SPF, DKIM, and DMARC policies for your company’s email servers.
4. Establish Payment Protocols: Require multiple approvals for large transactions, including cross-verification of bank details.
5. Train Employees: Regularly educate staff on spotting phishing attempts and impostor emails.
6. Keep Systems Updated: Ensure antivirus and anti-phishing solutions are current.
7. Report Suspicious Messages: Immediately flag dubious payment requests to your IT and finance departments.

What to Do If You’ve Been Targeted

• Contact your bank immediately and request freezing of accounts if funds have been transferred.
• File a complaint through the cybercrime portal at cybercrime.gov.in detailing the incident with all evidence.
• Call the 1930 cybercrime helpline to report the fraud and seek procedural guidance.
• Report the incident to RBI if payment systems were involved.
• Inform your company’s IT and legal teams to initiate internal investigations.
• Document all communications, transactions, and incident timelines for future reference.

Frequently Asked Questions

Q: How can scammers spoof official company emails?
A: They create email IDs using domains that closely resemble the legitimate company domain, often changing a letter or extension, tricking recipients into believing emails are genuine.

Q: Are UPI transactions reversible if done through a spoofed email scam?
A: Generally, UPI payments are immediate and cannot be reversed easily once processed. Prompt reporting to banks and authorities is crucial to mitigate losses.

Q: What are the best ways to verify payment requests to avoid such scams?
A: Always confirm using known phone numbers, ask for written confirmation on official letterhead, and follow your company’s multi-level approval process before transferring funds.

If you receive suspicious messages or payment requests, check their authenticity at BharatSecure.app and report any fraud immediately to the 1930 helpline.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.