Dr. Reddy’s Laboratories lost ₹2.16 crore in a sophisticated cyber fraud after hackers infiltrated email communications with Bengaluru-based Group Pharmaceuticals.

The hackers impersonated a Group Pharmaceuticals executive using a very similar email address and sent fake instructions to Dr. Reddy’s finance team, diverting the payment to a fraudulent Bank of Baroda account.

The Bengaluru City Cyber Crime Police registered an FIR on November 5, traced the fraudulent account to Vadodara, Gujarat, and quickly froze the funds with the help of banking partners. Dr. Reddy’s stated that due to timely detection and actions, no financial loss was ultimately incurred, according to India Today.

How the Fraud Unfolded

The cyber fraud was executed by hackers who gained unauthorised access to the official email exchanges between the two companies on November 3, 2025.

Using email spoofing, they sent a fraudulent payment instruction from an address almost identical to the official one (using uppercase ‘K’ instead of lowercase ‘k’), tricking Dr. Reddy’s finance team into transferring ₹2.16 crore on November 4 to an account controlled by the fraudsters.

Group Pharmaceuticals, expecting this legitimate payment for goods supplied, quickly alerted police once the transaction was detected as fraudulent. Efforts to track and freeze the stolen money were swiftly undertaken, preventing any final loss.

Investigation and Official Responses

Mahesh Babu K, a senior official at Group Pharmaceuticals, filed the complaint that led to police action under Sections 66(C) and 66(D) of the Information Technology Act along with cheating provisions of the Bharatiya Nyaya Sanhita.

Police investigations revealed that the fraudulent Bank of Baroda account was operated from Vadodara and that the stolen funds had been dispersed into multiple smaller accounts before freezing.

A Bengaluru police officer stated investigations are ongoing to identify and arrest the culprits. Dr. Reddy’s Laboratories issued a statement highlighting the prompt internal and banking partner cooperation that detected the fraud early, ensuring no financial damage to either company.

How to Stay Safe from Online Scams

Cyber frauds are becoming increasingly sophisticated, often exploiting email spoofing and fake payment instructions.

• To stay safe, always verify sender email addresses carefully, especially before processing financial transactions. Double-check payment instructions through a confirmed phone call or official channel rather than replying to emails directly.
• Enable two-factor authentication for all corporate and personal accounts, and regularly update passwords with strong combinations.
• Train employees to spot phishing attempts and report suspicious messages immediately. Keep systems and antivirus software updated, and limit financial access privileges to authorized personnel only.
• Staying alert and verifying every transaction can prevent massive financial and data losses.

The Logical Indian’s Perspective

This incident highlights the increasing sophistication of cyber fraud methods such as email spoofing, jeopardising trust in digital communications within India’s crucial corporate sectors.

The Logical Indian urges companies to invest significantly in enhanced cyber security, regular employee training on phishing, and adopting multi-factor authentication to safeguard against such impersonation scams.

Public awareness and cooperation with law enforcement can help build a safer digital environment for businesses and consumers alike.