The Central Bureau of Investigation (CBI) conducted coordinated searches at 15 locations across Delhi, Rajasthan, Uttar Pradesh and Punjab in connection with a case related to large-scale organised online investment and part-time job fraud involving offshore withdrawals and overseas fintech platforms, predominantly the Dubai-based “Pyypl”.

The case was registered by CBI based on inputs received from the Indian Cyber Crime Coordination Centre (I4C), Ministry of Home Affairs, Government of India. It was alleged that thousands of unsuspecting Indian citizens were cheated of crores of rupees through deceptive online schemes operated by an organised transnational fraud syndicate.

Investigation revealed that the network exploited social media platforms, mobile applications and encrypted messaging services to lure victims with promises of high returns from online investments and part-time job opportunities. Victims were initially induced to deposit small amounts and were shown fictitious profits to gain their trust, after which they were persuaded to invest larger sums.

The defrauded funds were quickly transferred through multiple mule bank accounts to conceal the money trail. Thereafter, the proceeds were siphoned off through offshore ATM withdrawals using debit cards enabled for international transactions and through wallet top-ups on overseas fintech platforms, predominantly “Pyypl”, using Visa and MasterCard payment networks. These transactions appeared as Point-of-Sale (POS) transactions in banking systems.

CBI identified Ashok Kumar Sharma, a Chartered Accountant based in village Bijwasan on the Delhi-Gurugram border, among others as the kingpin of the syndicate allegedly involved in siphoning off hundreds of crores of rupees through this network of mule accounts and overseas financial channels. Part of the proceeds of crime were also converted into cryptocurrency.

Further investigation uncovered another major branch of the network through which Ashok Kumar Sharma is suspected to have siphoned off approximately ₹900 crore during the past Year alone. The defrauded funds were consolidated into accounts linked to 15 shell companies and routed through two entities.

Investigation revealed that these entities converted the proceeds into USDT through India-based virtual asset exchanges and transferred the cryptocurrency to their white-listed wallets.

CBI had, earlier, frozen the bank accounts used by the aforesaid entities along with the funds lying therein in September 2025. Searches were conducted at the residential premises of the directors as well as the official premises of these entities.

During the searches, incriminating documents and digital evidence relating to the operations of the syndicate were recovered. It was also found that several unsuspecting individuals had been deceitfully appointed as directors of shell companies and that fraudulently obtained documentation was used for their incorporation.

CBI continues to pursue further leads to identify and apprehend other accused people, including foreign nationals, and to trace and freeze the proceeds of crime routed through domestic and international financial systems.