When Rajesh Shenoy received a distressed text from his best friend first thing in the morning, requesting an urgent loan of R5.8 lakh, the Powai-based businessman didn't think twice. "If I don't help him, who will, I thought. And so, I immediately transferred the amount to the account number sent to me via email," Shenoy said in a statement to the police. He rang up the friend, asking if he'd received the money only to hear the biggest blow of his life. "He said he didn't need the money, and had never sent me the text. The email ID looked so legitimate that I didn't bother verifying it. I had been conned, and I realised it too late." This 2019 cyber crime case was never solved.

That same year, 26-year-old Masha Arabi's colleague experienced a similar fate. A 22-year-old, who had newly joined the PR firm Arabi worked for, received an email from a person pretending to be their boss. "The email ID was similar to our boss's, so my colleague didn't think about its authenticity. It said that our boss needed R10,000 transferred to her account, and that the amount would be credited back to my colleague's bank with her first pay cheque. After the transaction, she sent a screenshot of the receipt to the boss, who was confused at that moment. That is when we figured this was a phishing attack." An FIR was lodged at Santa Cruz police station, but nothing came of it.