India’s unprecedented digital payments boom, led by the Unified Payments Interface (UPI), has transformed financial inclusion while simultaneously exposing users to new-age cyber threats. Among these, phishing a tactic exploiting human vulnerability and its subsequent integration into sophisticated money laundering chains pose one of the most pressing challenges to India’s digital economy. This paper undertakes a comprehensive, data-driven examination of phishing-enabled laundering networks in India, contextualised within evolving legal, technological, and enforcement landscapes.

Through the analysis of real-life case studies, including the recent “digital arrest” scam in Ahmedabad and UPI-linked cross-border laundering via crypto exchanges, the study reveals structural weaknesses in regulatory coordination, technological safeguards, and public awareness. By integrating insights from the Prevention of Money Laundering Act, 2002 (PMLA), Information Technology Act, 2000, and emerging frameworks such as the RBI’s Digital Payments Intelligence Platform, this research identifies critical gaps in the detection, investigation, and prosecution of phishing-related laundering offences.