Episode 12: The Circle of Trust – When Everyone Believes, No One Questions (Collective Bias)
- Vivek Krishnan
- Jun 27
- 5 min read
After our episode on misplaced trust in institutions, a reader asked — “But what happens when everyone thinks someone else has done the checking?”
Welcome to the world of Collective Bias — where due diligence drowns in diffusion of responsibility.
How does a forged WhatsApp letter drain ₹42.5 lakh from a government FD account in a leading bank — without a single red flag?
Panchkula, June 2025.
What happened wasn’t just a scam. It was a perfect storm of visual trust, positional deference, and institutional complacency.
The Panchkula Breakdown – When Everyone Dropped the Ball
A forged instruction claimed to be from Mayor Kulbhushan Goyal’s office, directing the premature withdrawal of FDs.
It looked official: letterhead, seal, signature, correct names.
But here’s what didn’t happen:
No phone call to the Mayor’s office.
No cross-verification from bank compliance.
No email confirmation from a government domain.
Everyone — from the branch staff to the forwarding officers — believed someone else had already validated it. This was Collective Bias in action.
When “it looks sorted” becomes “I thought you were doing it.”
The Story
📰 Panchkula Mayor Falls Victim to a ₹42.5 Lakh WhatsApp Scam
What happened: Fraudsters impersonated Mayor Kulbhushan Goyal, using a WhatsApp profile adorned with his name and company logo (ANA Group).
How it played out: They offered a lucrative ₹1 crore fixed deposit proposition via WhatsApp, then sent a forged instruction letter—allegedly signed by the mayor’s brother—requesting a ₹42.5 lakh withdrawal from a Punjab & Sind Bank branch
Protocol breakdown:
No call was made to verify the request.
The instruction came via WhatsApp, not official email.
The bank ignored standard dual-signature rules and failed to escalate.
Persistent follow-up messages created a sense of urgency
How it was uncovered: The scam was discovered almost 4½ hours later when the mayor’s son, reviewing statements from Europe, alerted his father
Aftermath: An internal investigation was launched, and the mayor filed a complaint with cyber-police. He expressed hope of recovering the funds but is deeply shocked by the breach
🔍 Sidebar: Protocol vs. Practice – Where Banks Slip
Even with modern banking checks in place, scams like Panchkula still happen. Why?
Protocol vs. Collective Assumption
Protocol | What Actually Happened |
Official instructions must come from govt emails | WhatsApp message was accepted at face value |
High-value FDs need verification from authority | No in-person/voice confirmation from Mayor's office |
All instructions logged with audit trail | No documented compliance trace visible |
Cross-verification by compliance/risk unit | Familiarity and status bias overrode escalation norms |
Enhanced Due Diligence for public office FDs | Trusted visual cues (letterhead, seal) instead of process check |
🚨 What Likely Went Wrong Inside the Bank:
Skipped Voice or In-Person Verification:
For high-value transactions like creating fixed deposits of ₹42.5 lakh, especially in the name of a government entity, banks are mandated to follow enhanced due diligence.
This includes confirmation through official channels (email, video calls, physical presence, or government domain communication).
In this case, a WhatsApp message was taken at face value — a breach of standard protocol.
Lack of Hierarchical Escalation:
Normally, any unusual FD instruction or change in investment behavior by a public office should trigger managerial or compliance escalation.
But here, familiarity bias and authority illusion (the use of the mayor's name, letterhead, etc.) may have suppressed red flags.
No Cross-Validation of Source:
The scam exploited the digital casualness of modern communication. The forged request was accepted because it looked real, not because it was verified as real.
Banks are supposed to validate official requests against government databases or prior records. That didn’t happen.
🧠 Why Did It Happen?
Authority Bias Clouded SOPs:
The scam used the official letterhead, Mayor’s name, and a WhatsApp follow-up that mimicked personal authority.
This triggered a ‘compliance reflex’ — where junior officials act without escalating because the source seems unquestionable.
Breakdown in Multi-Layered Verification:
Internal SOPs often require dual verification, especially for public funds.
But when the name on the letter matches someone powerful and known, manual overrides are common.
Manipulation of Familiar Channels:
WhatsApp is increasingly used for official coordination in India.
Fraudsters leveraged informal familiarity — a WhatsApp message that looked like internal communication can override red flags
Over-Reliance on External Validity Signals:
The logo, language, and formatting mimicked earlier official letters.
The subconscious response: “This looks like every other genuine communication we’ve received.”
✅ Bottom Line:
This wasn't a complete breakdown of systems, but a failure of implementation. The right controls existed on paper. But biases — both psychological and institutional — interfered with protocol.
🔍 Could Technology Have Prevented It?
Yes — but only if used rigorously:
Cross-verification via official government email domains (e.g., @gov.in) would’ve helped.
A quick video or voice call verification with the actual mayor could have clarified things.
AI-based pattern recognition might have flagged it as inconsistent with past instructions.
🧠 Biases That Converged
Collective Bias: Everyone believed someone else had done the due diligence.
Status Quo Bias: “We’ve followed instructions this way before.”
Authority Bias: Mayor’s name, official tone — unquestioned deference.
Familiarity Bias: The logo, format, and name were all known — and therefore trusted.
The Psychology Behind It
Bystander Effect: The more people involved, the less each feels responsible.
Cognitive Offloading: Our brain outsources responsibility when perceived authority or processes are involved.
Trust Heuristics: Recognizable symbols trigger automatic belief — even in the absence of logic.
From Panchkula to Panchayats — A Pattern
This isn’t new. Across India, scams have succeeded when collective trust replaced individual scrutiny. Gold chit schemes, self-help group frauds, and peer-investment traps — they all thrive when a few vouch, and the rest don’t question.
In groupthink, doubt is inconvenient. And silence is mistaken for certainty.
🧭 Where Else Does Collective Bias Appear?
Domain | Real-World Example |
Medicine | Multiple doctors assume someone else checked for allergies — leading to wrong dosage. |
Corporate Audits | Internal teams believe external auditors caught issues — leading to financial fraud. |
Education | Everyone thinks someone else reported a child's distress signs — until it's too late. |
Technology | App permissions auto-approved because “someone must’ve vetted it.” |
Law Enforcement | Cases left untouched because “another jurisdiction is surely handling it.” |
Housing Societies | Fake maintenance requests or fraud contractors — no one verifies; everyone trusts. |
Collective bias happens when everyone trusts the process — but no one owns the outcome.
What Can You Do Differently?
✅ Ask who verified it — and how
✅ Treat internal familiarity with external claims as a red flag, not comfort.
✅ Reintroduce the human circuit breaker — verify independently.
🔍 Closing Reflection
“Collective bias isn’t about ignorance. It’s about confidence — silently outsourced to others.”
We trust logos, formats, workflows — not because we’ve verified them, but because someone must have. And when no one owns the decision, everyone becomes responsible for the failure.
But there’s another layer now — manipulated trust.
🎯 The Most Strategic Manipulation of Trust
Social proof is simple:
“If many people are doing it, it must be good.”
That instinct, so deeply human, is now systematically exploited — by businesses, by scammers, by anyone chasing influence.
🛠️ How It’s Engineered
Tactic | Description |
⭐ Fake Reviews | Paid 5-star ratings across platforms — food, travel, ecommerce. |
📈 Like Farming | Purchased likes and follows to mimic organic popularity. |
📊 Bot Engagement | Auto-generated views, shares, and comments — creating false credibility. |
👥 Crowd Seeding | Hired walk-ins and queues to make places look buzzing. |
🔁 Amplified Sharing | Viral not because it’s valuable, but because it’s repeated by paid networks. |
Even the most discerning person pauses at:
“8,000 people rated this 4.5 — it can’t be fake.”
But it often is.
This is the Bandwagon Effect at scale.
You’re not trusting the product. You’re trusting the crowd. But the crowd was programmed.
Comments