The fake website that led to an arrest: Inside the CoinDCX impersonation case
Por Anónimo
Impersonation scams can be low-tech yet highly effective, using fake websites that closely mimic trusted cryptocurrency platforms to deceive users.
The CoinDCX case shows how a 7.16 million rupee fraud complaint escalated into legal action before it was identified as an impersonation case.
The fake domain coindcx.pro, not the real platform, was used to mislead the victim and carry out the fraud.
Scammers built a complete fake ecosystem using websites, Telegram channels and social media to create credibility.
While coverage of the cryptocurrency industry often focuses on market volatility, smart contract vulnerabilities and shifting government policies, some serious threats are remarkably low-tech. Deception often wears a familiar face. A fraudulent website that perfectly mirrors a legitimate exchange can cause both financial and reputational damage.
The CoinDCX impersonation incident is a stark case study of this pattern. What began as a 7.16 million rupee ($77,000) fraud complaint eventually escalated into police proceedings against the exchange’s leadership. However, the court’s intervention ultimately shifted the blame away from the actual platform, revealing that the culprit was a sophisticated digital facade operated by scammers.
The case originated from a complaint filed by a 42-year-old insurance consultant based in Mumbra, a suburb in the Thane district within the Mumbai metropolitan region. The complainant alleged that he had been defrauded of about 7.16 million rupees. During the scam, he believed he was dealing with CoinDCX, which was presenting investment opportunities to him.
The offer allegedly included assurances of 10% to 12% monthly returns and references to a crypto franchise-style model linked to the platform. These elements, namely the promise of high returns and the apparent legitimacy of the brand, formed the core of the alleged fraud.
What sets this case apart is what happened next. Instead of being identified as an impersonation scam, the complaint escalated into legal action that led to the arrest of the company’s co-founders, Sumit Gupta and Neeraj Khandelwal.
Central to the incident was a counterfeit website, coindcx.pro, which the victim interacted with instead of the real CoinDCX website, coindcx.com.
Such fake domains are a common method in impersonation scams. They appear visually similar, seem trustworthy and deliberately exploit the brand’s established credibility.
According to statements issued by CoinDCX, no money connected to this matter was processed through its exchange systems. The scam did not originate within the platform itself. Instead, external actors allegedly used its name and reputation as bait.
Did you know? Domain impersonation scams often use subtle tricks, such as replacing letters, for example “o” with “0,” or adding extra words, to make fake websites nearly indistinguishable from real ones at a glance.
The impersonation reportedly extended well beyond a single domain. The scammers also built supporting infrastructure, such as Telegram channels and social media accounts, to reinforce the illusion of legitimacy. This reflects a broader trend in crypto scams today, where perpetrators no longer rely on a single deceptive element but instead build an entire parallel ecosystem.
For the victim, this setup created a seamless and consistent experience: a website, an associated community and representatives, all seemingly connected to a recognized brand.
The complaint was filed at the Mumbra police station in Thane on March 16, 2026. As the investigation progressed, CoinDCX’s co-founders were taken into custody in Bengaluru.
This turn of events highlights a key complexity in impersonation cases. When victims mention a prominent company in a complaint, it can take time to distinguish genuine involvement from misuse of the brand name. In fast-moving investigations, this lack of clarity can sometimes lead to action against legitimate companies before all the facts are established.
The case reached a critical stage when it came before a Thane magistrate court. The court granted bail to CoinDCX’s co-founders and noted that no prima facie case had been established against them. It observed that the complainant had been deceived by individuals impersonating the company’s promoters, not by the company itself. The victim also admitted having had no interaction with the company’s co-founders.
Did you know? Cybercriminals often buy expired or similar-looking domains in bulk, enabling them to launch multiple fake versions of a popular crypto platform within hours once a scam template proves effective.
The CoinDCX case is not an isolated incident.
According to the company, it reported more than 1,200 fake websites impersonating its platform between April 2024 and January 2026. This suggests that, for fraudsters, impersonation is not a sporadic tactic but a scalable strategy.
CoinDCX also stated that the first information report (FIR) filed against its co-founders was false.
Creating a domain that closely mimics a well-known platform is relatively inexpensive. When combined with messaging apps and social media, it allows fraud networks to recreate an appearance of trust at scale.
A central feature of the alleged scam was the promise of 10% to 12% monthly returns.
Such claims are a common element in financial fraud. In the cryptocurrency space, they are often paired with urgency, exclusivity or an association with a recognized platform.
From a behavioral perspective, these promises serve two key roles:
They draw attention in a saturated market.
They reduce skepticism by presenting the opportunity as organized or linked to an institution.
In many cases, the perceived legitimacy of the brand helps overcome doubts that might otherwise arise from the unusually high returns.
Did you know? Many impersonation scams reuse the same scripts and layouts across different brands, allowing a fake site built for one exchange to be repurposed for another within days.
Although the court found no case against CoinDCX’s co-founders, the incident highlights the wider consequences of impersonation scams.
For companies and their executives, such events can result in:
Heightened scrutiny from both users and regulators
For users of any exchange, seeing it associated with negative news can be unsettling. Those who have invested through the platform may fear financial loss. Even when a recovery process exists, few would want to become involved in a difficult and often lengthy procedure.
The case also raises important questions about how law enforcement handles digital impersonation, where identities can be replicated far more quickly than they can be verified.
In the aftermath of the incident, CoinDCX announced a 100 crore rupee ($10.76 million) initiative called the Digital Suraksha Network (DSN), focused on fraud prevention and user awareness.
Collaboration with law enforcement for training and improved response
While these steps cannot completely eliminate the risk of impersonation, they reflect a move toward more proactive defense and stronger coordination across the ecosystem.
The CoinDCX impersonation case offers several practical lessons:
Verify domains carefully. Even minor variations can indicate a fraudulent site.
Be cautious of promises of fixed or unusually high monthly returns.
Treat Telegram groups and social media handles as unverified unless they are officially confirmed.
Ensure that all transactions are conducted only through official platforms.
In many cases, the difference between a legitimate service and a scam is not advanced technology but careful verification.
Source: CoinTelegraph
