New Delhi: On 24 May, 2021, four pictures of a man flaunting two shiny Mercedes cars, captioned Rishikesh-The City of Love, were posted on a Facebook page in the name of one Rahul Shaw. On Monday, the Central Bureau of Investigation (CBI) arrested Shaw from his hometown, Siliguri in West Bengal, for allegedly running an international cybercrime racket that predominantly duped German nationals.
In its FIR filed on 12 February, the agency said Shaw and his associates scammed people by pretending to be employees of Microsoft. It also claimed they had set up an “illegal” call centre in Darjeeling with an intention to commit cyber fraud.
Shaw was brought to Delhi, where the CBI secured five-day remand on producing him in Rouse Avenue Court Wednesday.
“The allegations against the accused are grave and serious. Prima facie, it appears that a bigger conspiracy is yet to be unearthed for which custodial investigation of the accused is necessary. In view thereof, the accused is remanded for five days in police custody,” Additional Chief Judicial Magistrate Neha Mittal ordered.
Shaw’s counsel, Neeraj Chaudhari, however, claimed his client was being implicated in a fabricated case and that he had been available for questioning if the CBI so required.
The German authorities had in 2023 informed the Indian government about Shaw “scamming German nationals”.
“These are fabricated charges, and neither was my client unavailable for questioning that arrest was essential. He could have been summoned for questioning but the arrest is illegal,” Chaudhari told ThePrint.
The CBI has in its FIR listed 12 victims defrauded of 6.46 lakh euros (Rs 5.8 crore) by the international syndicate allegedly led by Shaw.
Who is Rahul Shaw
On the Facebook page in his name, which was started in April 2020, Shaw is identified as “national president of Anti-Crime & Social Justice Forum India,” which has been described as a West Bengal-based NGO. According to the posts and pictures made public by the organisation on social media, Shaw can be seen among office-bearers distributing essential items during the COVID-19 pandemic in June 2020.
Around the same time, Shaw became director at Kolkata-based IT solutions firm, RSDR Infotech Private Limited, according to details on corporate profiling platforms.
Shaw also controls an apparel brand based in the UAE, named Tamsha. The company was founded in 2019, according to its website.
Around two-and-a-half years ago, Shaw threw his hat into the luxury pub business and launched a pub in Siliguri in September 2022 with the name Error Brew and Pub, according to his social media accounts.
Going by information on his credentials on corporate profiling platforms such as ZaubaCorp, Shaw is the Director of at least two firms—RSDR Infotech and Tamsha Pubs.
On LinkedIn, Shaw identifies himself as the “business owner” of two UAE-based firms, Tamsha Real Estate Buying & Selling Brokerage and Tamsha Trading LLC, which runs the apparel business under the same name in the country.
‘Fraud in the name of Microsoft’
The CBI’s crackdown against Shaw began after the agency booked him and two of his aides under Sections 120B (criminal conspiracy), 420 (cheating), 467 (forgery of valuable security), 468 (forgery with the intent to cheat) and 471 (using as genuine a forged document) of the erstwhile Indian Penal Code and Section 66D of the Information Technology Act, 2000, that deals with cheating by personation using a computer resource.
The CBI filed the case after verifying information and allegations against Shaw and his aides shared by the German authorities with the central government through a mutual legal assistance treaty between India and Germany.
According to the information shared by the German authorities and passed on to the CBI in June 2023 by the home ministry, the trio of Shaw, Shubham Sharma and Rajeev Budhiraja stands accused of hatching a criminal conspiracy to target German nationals over phone via impersonating as employees of Microsoft.
They convinced the victims that their computers were being compromised and influenced them into downloading third-party apps in order to gain access over their machines, the CBI has alleged in its FIR. Additionally, in some cases, a pop-up message bearing a contact number was flashed on the computer screen of the victims, and a call on those numbers routed the targets to a call centre run by a syndicate led by Shaw, the CBI stated.
“Once they got access to the computer/mobile phones of the victims, they unauthorisedly accessed the bank accounts of the victims and defraud the victims by purchasing cryptocurrencies from the funds available in their bank accounts and subsequently transferred these cryptocurrencies to their own crypto wallets,” the agency said in the FIR.
Naming one of the first targets of the scam, the CBI said the syndicate allegedly reached out over a call to one Andreas Schlomer on 8 March, 2021, with the caller claiming to be a Microsoft employee who would protect his computer from an attempted hacking.
The syndicate subsequently gained access to Schlomer’s laptop and allegedly used 2,500 euros from his account to purchase bitcoin and later moved it into Shaw’s own crypto wallet on 17 March of the same year, according to the CBI. Later, in May that year, another German national, Bernand Lehr, received a phone call from one Jerry Nixon, a pseudonym identified by both the German authorities and CBI as one used by Shaw’s syndicate.
During the call, Lehr was allegedly convinced to install third-party apps such as AnyDesk and UltraViewer that allow users remote access to one’s computer.
Lehr’s account was used for the transfer of 50,000 euros from the account of another victim named Christopher Esser, and the money was used to purchase cryptocurrency which was subsequently transferred to Shaw’s wallet, the CBI says in the FIR.
CBI action
Having registered the FIR against Shaw, the CBI swooped down on six locations across Delhi, Kolkata and Siliguri between 14 and 17 February.
The agency’s spokesperson said in a statement that it dismantled a call centre run by the syndicate in Darjeeling where calls from German nationals were routed. From the call centre, 24 hard disks were recovered by officials.
Conceding that the searches over the weekend had led to interrogation of only two personnel working at the call centre then, the CBI said in its remand application that the two persons revealed the centre had been established and made operational by Shaw.
They told the agency that foreign nationals from Germany and Belgium were cheated on the pretext of providing tech support.
“Accused Rahul Shaw was asked to disclose the details of the other accused persons involved in the operation of the aforesaid illegal call centre and also the flow of the proceeds of crime obtained by them from the foreign victims and end use of the same. However, he did not cooperate nor disclosed the details of the other accused persons and flow of proceeds of crime,” the CBI stated in the application, which ThePrint has seen.
“Therefore, to ascertain the identities of other accused persons, ascertain the flow of crime and to prevent him from committing any further offence or influencing witnesses or tampering with or destroying the evidence, it was necessary to arrest accused Rahul Shaw and subject him to custodial interrogation,” the CBI stated in its plea.
Advocate Chaudhari opposed the CBI’s remand application saying FIR in the case was filed nearly two years after the German authorities had intimated about the matter.
(Edited by Nida Fatima Siddiqui)