Man-in-the-Middle Fraud
The recent case of a Pune-based company losing crores of rupees in a man-in-the-middle (MITM) fraud is a stark reminder of the growing threat of cybercrime in global business. The firm, which manufactures automobile components, was in the final stages of closing a high-value purchase deal with an Italian supplier when cybercriminals attacked the system, hacked their email communication and redirected the payment.
A Pune-based company fell prey to a cyber fraud trap, losing over ₹2.3 crores in a man-in-the-middle (MITM) fraud. The incident involved an international financial transaction with an Italian supplier, and has since triggered an investigation by the Pune Cyber Police.
The cybercrime was uncovered when the Pune firm followed up with the Italian supplier to confirm the receipt of the payment. The supplier, unaware of any transaction, denied receiving the money. A subsequent internal audit revealed that the money had been sent to an unauthorised account, confirming the firm had been targeted in an MITM attack.
HOW TO STAY PROTECTED?
- Always verify banking changes directly with your contact.
- Avoid accessing sensitive data on public Wi-Fi networks.
- Use websites with secure ‘https’ encryption.
- Regularly update passwords on your Wi-Fi and other devices.
- Install comprehensive cybersecurity software on all devices.
Modus operandi
A man-in-the-middle fraud is a cyber scam tactic where hackers secretly position themselves between two legitimate communicating parties, usually through compromised or spoofed email addresses, to manipulate or extract information.
MITM attacks are a common and dangerous type of cybercrime because attackers can attempt the fraud in several ways. They occur when attackers intercept communications between two parties, through the dark web, web proxies, etc., without the parties' knowledge. These breaches often aim to gather sensitive data such as login credentials and bank account details, or to redirect to different payment gateways.
Cyber fraudsters can execute MITM attacks in several ways:
- By distributing malware that infiltrates a user’s web browser.
- By exploiting unsecured wireless routers to intercept data.
- By setting up rogue public Wi-Fi hotspots to harvest information from unsuspecting users.
Case study
A Pune-based company lost over ₹2.3 crore in a man-in-the-middle (MITM) fraud on 10 June 2025. The incident involved a suspicious international financial transaction with an Italian supplier.
The company had been in discussions with an Italy-based manufacturer since February 2025 to procure a high-end press bending machine. All communications between the two firms had been routine until the day of the payment. That morning, the Pune firm received an email that appeared to be from the supplier, sharing updated bank details for the final transaction. Trusting the source, the accounts team transferred the amount to the new account without cross-verification. In this case, the attackers impersonated the Italian supplier and changed banking credentials in transit.
A senior inspector with Pune Cyber Police, Swapnali Shinde, confirmed that the email looked authentic but was, in fact, a well-crafted forgery. “The hacker created a fake email-ID and then sent an email to the IT company. The company should have verified the email before replying to it, but they did not cross-check and transferred the amount directly. Now, as the bank which received the amount is an international bank, the investigation is still on, but it will be time-consuming,” Shinde informed.
Authorities have since urged businesses engaged in cross-border transactions to verify any changes in financial instructions via separate, established communication channels such as phone calls or encrypted messaging apps.
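The cross-verification step that was skipped in the case study can be enforced as a payment-release check. The sketch below is an added example, not taken from the article or the investigation; the `Vendor` record, the reason labels, the domains and the account numbers are all hypothetical, constructed values.

```python
from dataclasses import dataclass
from email import message_from_string
from email.utils import parseaddr

@dataclass(frozen=True)
class Vendor:              # hypothetical vendor-master record
    email_domain: str      # domain seen during the earlier, routine correspondence
    account: str           # beneficiary account verified at onboarding

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-miss sender domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def _domain(header_value: str) -> str:
    return parseaddr(header_value)[1].rpartition("@")[2].lower()

def _norm(account: str) -> str:
    return account.replace(" ", "").upper()

def hold_reasons(raw_email: str, requested_account: str, vendor: Vendor) -> list[str]:
    """Reasons to hold a payment for call-back verification; empty list = no hold."""
    msg = message_from_string(raw_email)
    reasons = []
    sender = _domain(msg.get("From", ""))
    if sender != vendor.email_domain:
        near = edit_distance(sender, vendor.email_domain) <= 2
        reasons.append("lookalike-sender-domain" if near else "unknown-sender-domain")
    reply_to = _domain(msg.get("Reply-To", ""))
    if reply_to and reply_to != vendor.email_domain:
        reasons.append("reply-to-mismatch")
    # Headers can be forged and a genuine mailbox can be compromised, so a changed
    # account is always held, even when every header check passes.
    if _norm(requested_account) != _norm(vendor.account):
        reasons.append("beneficiary-account-changed")
    return reasons

# Constructed sample data (not from the incident).
VENDOR = Vendor("supplier.example", "IT00 TEST 0000 0000 0001")
BODY = "\nSubject: Updated bank details\n\nPlease use the new account."
SPOOFED = "From: Sales <sales@suppl1er.example>" + BODY
GENUINE_LOOKING = "From: Sales <sales@supplier.example>" + BODY

if __name__ == "__main__":
    print(hold_reasons(SPOOFED, "IT00 TEST 0000 0000 0999", VENDOR))
    print(hold_reasons(GENUINE_LOOKING, "IT00 TEST 0000 0000 0999", VENDOR))
```

Any non-empty result means the payment waits until someone confirms the change using a phone number already on file, not one taken from the email.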