The Enforcement Directorate (ED) has attached assets worth Rs 21.71 crore in connection with the Coinbase phishing scam, issuing a Provisional Attachment Order on November 12, 2025. The attached properties belong to Chirag Tomar, his family members, and associates, including Rahul Anand, Akash Vaish, and Piyush Prashar. According to the agency, the provisional attachment covers nine immovable properties located in Delhi. With this action, the total attachment in the case has now reached Rs 64.15 crore.
The ED initiated its investigation after reports emerged that Indian national Chirag Tomar had been arrested in the U.S. for orchestrating a large-scale cryptocurrency fraud exceeding $20 million. The case centres on a sophisticated phishing operation in which Tomar allegedly spoofed the cryptocurrency exchange Coinbase by creating fake or look-alike websites designed to mislead users.
Investigators found that these spoofed websites were pushed to the top of search results through search engine optimisation (SEO), thereby increasing the likelihood of users mistaking them for the legitimate platform. The fake portals closely resembled the authentic site, with only the contact details altered. When users attempted to log in, the site would falsely indicate incorrect credentials, prompting them to call the listed fake helpline.
This number connected them to phone lines controlled by Tomar and his associates. Once they gained control of the accounts, they would transfer the funds to wallets under their control and then sell them on various Peer-to-Peer (P2P) cryptocurrency platforms.
ED Flags Signs of Fraudulent Websites
The ED outlined several key indicators that can help users identify spoofed or fraudulent websites. According to the agency, these fake portals often mimic trusted platforms but contain subtle irregularities designed to mislead users.
Officials also noted that such scams frequently rely on visual similarity and urgency to lure victims into revealing sensitive information. The indicators of a spoofed website include:
- Web addresses that resemble official URLs but contain additional letters, symbols, or spelling errors.
- Use of “http://” or “Not Secure” connections instead of legitimate “https://” security protocols.
- Poor-quality images, distorted logos, inconsistent fonts, or irregular page layouts.
- Pop-ups prompting software downloads or requesting information — frequent signs of fraud.
- Requests for passwords, OTPs, bank details, or Aadhaar numbers through pop-up forms or emails, something authentic platforms never do.
- Broken internal links or pages that redirect to unrelated or suspicious sites.
- Offers or claims that appear unusually generous or urgent, such as “Claim now” or “Get high returns.”
Furthermore, the ED advised citizens not to click on unknown links, avoid sharing OTPs or financial details, and verify the authenticity of any communication before…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
