Skip to content ↓ | Skip to navigation ↓

Signing up with a social media site is fun, but it’s not without its risks. Scammers prowl about LinkedIn, Twitter, Facebook and other social networking platforms looking for ways to trick users into doing something they wouldn’t ordinarily do. Usually, these fraudsters are after their targets’ profiles, money, or computer files.

But some want something else. Some set their sights on users’ identities.

More people get their identities stolen than you might think. UK fraud prevention service Cifas found that attackers victimized 148,463 individuals living in the United Kingdom in 2015. That marks a 57 percent increase over 2014 (94,492).

Part of the reason why there are so many instances of identity theft is because attackers can do a lot with a person’s information. If they obtain access to a victim’s sensitive personal details off of social media, they can open a new bank account in the user’s name, redirect a target’s mail to another address, and/or launch secondary attacks, such as whaling campaigns against an organization’s executives.

In these campaigns, the attacker has only their motivations and expected gains in mind. Whatever damage they cause to a user’s identity is a means to an end. It’s nothing personal. They could just as easily stalk other prey on social media.

Even so, that’s not the case for all identity thieves.

Attackers sometimes orchestrate their efforts around a central mission: destroying the reputation of their intended target. They’ll do whatever it takes to ruin that person’s life. And as so many people are now on social media, websites like Facebook enable identity thieves to target a victim’s entire social network and methodically tear it apart.

That’s exactly what happened to Rahul Madhyani and his wife Sneha Chopra.

A Romance Turned Sour

The couple’s tale dates back to 2009 when Rahul and Sneha hadn’t even met yet. Shortly after completing his Master’s in Business Administration (MBA) from Rizvi college, Rahul spotted a girl named Richa Sajnani on Facebook. The two got to talking, and out of their conversations, a romance quickly sprung.

It took just two years for Rahul to propose to Richa. But when the two agreed to meet for the first time, Richa never showed up and said she had no time.

Rahul was furious, as he told The Ken:

“No time? What is that even supposed to mean? We had planned this, hadn’t we? You were supposed to come home, meet my family. If you are not committed, then let’s not do this.”

Richa tried to reassure him, but Rahul had his doubts and slowly drifted away from her.

Things changed for him in January 2012 when Rahul met Sneha. Enthralled with one another, the two got engaged about a year and a half later.

Not everyone appreciated the happy news. At the top of the list was Richa, who maintained contact with Rahul until she abruptly terminated contact with him.

Coming Out of the Shadows

Rahul Madhyani
Rahul Madhyani (Source: The Ken)

It was late-2012 when the trouble started. Ashish K. Mishra of The Ken reports:

“Even before Rahul and Sneha’s engagement, sometime in December 2012, is when the first fake profile appeared on Facebook. In the name of Rahul Madhyani. The display picture was a photoshopped image of Rahul and Richa, garland around their neck, to suggest that they were married.”

Rahul suspected Richa was behind the fake profile. But when he confronted her, she denied taking any part in it.

He forgot about the fake profile for a few months he and Sneha announced their engagement. During their celebration, Rahul received a call from an anonymous person informing him that they had set up an account for Sneha. Curious, Rahul went to check out the profile. It had a picture of Sneha as its profile image, but whoever had access to the profile had shared a number of pornographic videos and posted vulgar messages directed at Rahul and his family.

Determined to get to the bottom of the profile, Rahul filed a complaint with cyber cell at Crawford Market police station on 11 September, 2013.

Broadening the List of Targets

The Facebook imposters weren’t phased by Rahul’s complaint. Undeterred, they leaked out Rahul’s email address and Sneha’s phone number and targeted everyone related to the once-happy couple.

For months on end, Rahul’s family, close relatives and colleagues at Rizvi college, father, sister, mother, brother, sister-in-law, and several other friends received daily tag notifications from the fake profiles. The abuse was so unrelenting that Rahul’s extended family ultimately became fed up and decided to boycott his upcoming wedding with Sneha en masse.

Sneha Chopra
Sneha Chopra (Source: The Ken)

Rahul and Alok spent a lot of time at the cyber cell looking for answers. The officers there weren’t able to provide much help, saying that they needed to send each fake profile’s URL to Facebook and wait for the corresponding IP address. That could take weeks if a corporation had filed the complaint.

In the case of an individual like Rahul, however, it took months. Niranjan Patil, a security consultant and co-founder of Packet Verify Technologies, an information security and privacy consulting firm in Bengaluru, explains:

“It all depends on how much pressure you are able to put. In corporate cases, you can put a lot of pressure on the police to work with Interpol and get activity logs. For individuals, it is very difficult.”

A Slow Process

Since he submitted his first complaint, the cyber cell has arrested two young men who set up dozens of accounts of Rahul Madhyani on Facebook. Both individuals claimed they met a girl, who told them to make the accounts and provided them with content to post.

Then in 2016, Rahul learned from the cyber cell that someone had used the pictures of Godhuli Chatterjee while posing as Richa. Apparently, the Richa Sajnani he thought he knew never existed.

But that’s all they’ve uncovered so far. With that being said, it’s unclear whether the couple will ever find justice from the more than 200 fake Facebook profiles that have harassed them.


It’s been three years since the abuse first started. Despite losing his job and a number of his friends, Rahul can still be found on Facebook. But he is careful about what he posts:

“I just have one profile. It has nothing, except my picture. And I use that to check if any profile of my friends or family has been made. Every night, this is what I do. I’m done with Facebook. I’ve had enough for one life. I know who my friends are. Only handful are left. I just call them. Or text.”

Rahul’s story is a reminder to all users of social media to be careful about what they post and to only connect with people whom they already know.

For more social media security best practices, please click here.

You can read Rahul and Sneha’s entire story here.

Tripwire University
  • Perhaps one solution to not getting a quick response from FB for IP address stats is to generate your own stats. Someone could have created a honey-trap wedding website for Rahul and Sneha which recorded all traffic and user agent info (eg on a board for leaving well-wishing messages), and then posted a link to the website visible-to-public on their FB account…