NEW DELHI: The Central Bureau of Investigation (CBI) conducted raids at 15 locations across Delhi, Rajasthan, Uttar Pradesh and Punjab in connection with a large-scale organised online investment and part-time job fraud case involving offshore withdrawals and overseas fintech platforms, predominantly the Dubai-based “Pyypl”, the agency said on Thursday.

The case was registered by the CBI based on inputs received from the Indian Cyber Crime Coordination Centre (I4C).

It was alleged that thousands of unsuspecting Indian citizens were cheated of crores of rupees through deceptive online schemes operated by an organised transnational fraud syndicate.

“The network exploited social media platforms, mobile applications and encrypted messaging services to lure victims with promises of high returns from online investments and part-time job opportunities. Victims were initially induced to deposit small amounts and were shown fictitious profits to gain their trust, after which they were persuaded to invest larger sums,” the agency said.

The defrauded funds were quickly transferred through multiple mule bank accounts to conceal the money trail.

Thereafter, the proceeds were siphoned off through offshore ATM withdrawals using debit cards enabled for international transactions and through wallet top-ups on overseas fintech platforms, predominantly “Pyypl”, using Visa and MasterCard payment networks.

“These transactions appeared as Point-of-Sale (POS) transactions in banking systems,” the agency said.

The CBI identified Ashok Kumar Sharma, a chartered accountant based in village Bijwasan on the Delhi-Gurugram border, among others, as the kingpin of the syndicate involved in siphoning off hundreds of crores of rupees through a network of mule accounts and overseas financial channels. Part of the proceeds of crime was also converted into cryptocurrency.

Further investigation revealed another major branch of the network through which Ashok Kumar Sharma is suspected to have siphoned off approximately Rs 900 crore during the past year alone.

The defrauded funds were consolidated into accounts linked to 15 shell companies and routed through two entities.

Investigation revealed that these entities converted the proceeds into USDT through India-based virtual asset exchanges and transferred the cryptocurrency to their whitelisted wallets.

The CBI had earlier frozen the bank accounts used by the aforesaid entities, along with the funds lying therein, in September 2025. Searches were conducted at the residential premises of the directors as well as the official premises of these entities.

During the searches, incriminating documents and digital evidence relating to the operations of the syndicate were recovered. It was also found that several unsuspecting individuals had been deceitfully appointed as directors of shell companies and that fraudulently obtained documentation was used for their incorporation.

The CBI has taken Ashok Sharma into custody for interrogation.