Follow TNM's WhatsApp channel for news updates and story links.
Nitin Sharma alias Khalid, a 39-year-old man from Delhi, has spent the last few years in jails spread across the country. Since his arrest by a special task force from Uttarakhand in 2022, his name has surfaced repeatedly in First Information Reports (FIRs) related to fake bomb threat calls. One such case reported in Kerala earlier this year is particularly intriguing.
Nitin was arrested by the Munnar police in Kerala in July 2025. They had received an email threatening to blow up several resorts in the hill town, and it didn’t take long to trace the threat to Nitin. By then, he was already lodged in the Mysuru jail for another hoax threat.
While he was in the Munnar police lockup, 640 kilometres away, an email landed at the Bhatkal police station in coastal Karnataka threatening multiple blasts in the town. Once again, it looked like Nitin’s signature style. The email was, however, sent by a man named Kannan Guruswamy.
When Bhatkal police picked up Kannan, a resident of Theni in Tamil Nadu, the story took an unexpected turn.
Kannan had been called by the Munnar police for questioning in a fraud case. While in lockup, another inmate had politely asked to borrow his phone to contact his family. Kannan agreed. The inmate, of course, was Nitin Sharma. Within minutes, Nitin had logged into Kannan’s Gmail account and fired off yet another bomb threat, this time to the Bhatkal police.
Nitin is only a small part of a larger menace that has become a major concern for the nation’s security forces. Whether a harmless prank or a coordinated attempt to destabilise the country, the ‘hoax bomb epidemic’ is seriously hampering the functioning of the police and other security agencies. These false alarms bring normal operations—in schools, courts, airports, or government offices—to a complete halt, while also pushing overworked security personnel to their limits. Of late, hoax threats have evolved with the help of technology, making it increasingly difficult to trace and identify the perpetrators.
Quick fix for some, deeper trouble for police
How can one overcome stage fright before giving a seminar? There might be umpteen solutions. However, a Mangaluru postgraduate medical student’s mischievous brain made her think that a hoax bomb threat to her hospital would be a better plan to avoid her presentation. Days after the incident on June 4, police tracked the threat to the student and arrested her.
Students who wanted to postpone their exams have done it multiple times. In October, a Delhi student sent an anonymous email claiming to have planted a bomb in the school premises so that he could skip the exam.
Often, surprising reasons emerge when investigators probe the hoax bomb threats. A Delhi man who was arrested in 2023 for issuing a hoax threat to a SpiceJet flight acted on behalf of his friends, who wanted to spend time with some girls who were scheduled to travel on it. Following the threat, the flight was deboarded, and passengers and their luggage were checked.
News coverage regarding hoax bomb threats has ‘inspired’ miscreants to issue threats, often targeting airlines. Hoax threats have often been traced to calls or emails made in inebriated conditions, revenge by spurned lovers, or domestic disputes, with the perpetrators remaining completely unaware of the economic and social consequences of their actions. While long legal trouble and loss of income await perpetrators, it causes immeasurable wastage of public resources.
Faking religious identity
Nitin is currently in the custody of the Kullu police in Himachal for sending a threatening email to the office of the Deputy Commissioner, Kullu, on May 2. Police found out that Nitin had used mobiles stolen from Madikeri in Karnataka to send the threat mails.
According to Superintendent of Police, Kullu, Karthikeyan Gokulachandran, Nitin’s modus operandi was to send threat mails either from stolen mobiles or using hotspots of fellow passengers on trains or buses without their knowledge. The SP added that Nitin seemed to be mentally sound during interrogation. However, he added that they could confirm it only after a psychiatric evaluation.
Though Nitin claims to have converted to Islam and has changed his name to Khalid, the SP said that they couldn't find any evidence to support his claim. Most FIRs recorded his name as Nitin Sharma alias Khalid. According to the Special Task Force in Uttarakhand, Nitin told them that he had visited mosques and collected money. In the threat mail sent to the Facebook page of Nainital police station in 2023, Nitin had claimed to be part of the terror outfit Hizbul Mujahideen. Police are yet to find his links with any terrorist organisations.
While the conversion claim of Nitin is yet to be proven, there are several instances where those accused of making false bomb threats fake their identity or, rather, give an Islamophobic twist for reasons ranging from personal vendettas to petty pranks.
Back in July, a man hailing from Bengaluru caused a ruckus on a flight in the UK, resulting in an emergency landing in Glasgow. The man who chanted ‘Allahu Akbar’ while threatening to blow up the plane was later identified as Abhay Nayak, a Hindu. The intention of the accused is still unclear.
In January, UP police arrested a teen, a Hindu, for creating a fake social media account in the name of his Muslim classmate to issue a bomb threat at Prayagraj during the Mahakumbh Mela. The boy wanted to settle scores with his classmate and resorted to an Islamophobic scheme to execute it.
In September, police and security personnel in Mumbai were on tenterhooks during the Ganesh Chaturthi festivities. The WhatsApp number of Mumbai Traffic police had received an ominous email, claiming that 34 live bombs were planted in crowded areas in the city and 14 terrorists from Pakistan had infiltrated. The message was sent in the name of an unknown outfit, ‘Lashkar-e-jihadi’.
Mumbai police declared a high alert, deploying its personnel and bomb squad to prevent any untoward incidents in the city. Later, the message was traced back to an astrologer named Ashwini Kumar, who had used his estranged friend Firoz Ahmed’s image as the display picture in the number to trap him in the terror case. Ashwini had nursed a grudge against his old friend in his native place, Patna, for filing a cheating case against him.
Pointing to the case, the Communist Party of India (Marxist) commented on its social media page that incidents like those were a direct result of the Hindutva ecosystem encouraging such communal criminality.
Handling the deluge of emails
Even when the accused use fake email IDs or stolen mobile phones, cybercrime investigators in most states are solving such cases in just a few days—sometimes within hours.
Nitin’s case was one such example. He used a Facebook account in his own name to issue a threat to the Facebook page of the Nainital police. On April 29, he sent a bomb threat mail to Thiruvananthapuram airport using the email ID ns555777777@gmail.com.
However, that is not the case when suspects protect their privacy using a Virtual Private Network, a major security threat these days. A VPN (virtual private network) redirects an internet connection through another server and hides your real IP address. This makes it harder to trace where a message or call actually came from. Because of this, VPNs are often used in such hoax threats to mask the user’s identity and location.
The cyber team of Kerala police has dealt with 33 cases of hoax email threats this year. While it cracked two, the remaining 31 are cases where suspects used VPNs to mask their identity, such as IP addresses. According to sources in Kerala police, the accused had sent a similar pattern of message—a comment on a political topic along with mention of RDX placed in one or two strategic institutions.
In the past, Kerala police have received such mails in strange IDs such as chitrakalas.gopalan, karun.chandkok, athira.kulkarni, etc., in Hotmail, Outlook, etc. The content of the messages included a threat to Vizhinjam port as a protest over the Prime Minister ignoring Colachel port or for the hanging of Afzal Guru, convicted in the Parliament attack case. One such mail ID was created in the name of Kiruthiga Udhayanidhi, who is a filmmaker and the wife of Tamil Nadu Deputy Chief Minister Udhayanidhi Stalin. The mail said that seven RDX IEDs were planted in the chamber of the district judge of a Thiruvananthapuram court.
The Outlook ID chitrakalas.gopalan, which was used to issue a bomb threat to Cliff House, the official residence of the Kerala Chief Minister, on April 30, was behind the threat sent to the Central Industrial Security Force overseeing security at Kempegowda International Airport in Bengaluru, two weeks later.
According to sources, Kerala police have corresponded multiple times with Microsoft to break the VPN barrier to crack the case. So far, it hasn't received any positive response.
This is not the issue of a single state. On October 15, a special investigation team was formed in Karnataka to address increasing cases of hoax bomb threats against educational institutions, public offices and even the residences of the Chief Minister and Deputy Chief Minister. Karnataka has recorded 34 similar cases of hoax threats in the last few months, primarily in relation to the use of VPNs and temporary mail IDs.
Bengaluru’s Deputy Commissioner of Police (North), Babasaheb Nemagoud, is handling around 30 cases related to bomb hoax emails in Bengaluru. Among these are threats issued to schools, courts, the Chief Minister and Deputy Chief Minister.
It was only recently that they traced seven of these email threats to Rene Joshilda, a robotics engineer from Chennai. Rene has been lodged in a Gujarat jail since June for sending email threats to schools and a hospital in Gujarat. “The seven cases that we have linked to her are all bomb threats sent to schools. All these are bomb threat emails sent to schools before June. All the other cases are still under investigation,” the officer said.
In Tamil Nadu, actors, journalists and politicians in Tamil Nadu have come under repeated hoax threats. Bomb threats were issued to the Chief Minister’s Office, the Bharatiya Janata Party (BJP) headquarters, the residence of the Vice President, the official residence of the Governor and the residences of leading actors in October. Greater Chennai Police Commissioner A Arun in a media interaction on November 11, said that the city alone received 342 hoax emails since April.
The commissioner said that recurring language patterns and phrasings point to only a handful of people behind the threats. The Chennai police suspect local miscreants are behind the menace, as the contents of threat mails include daily happenings in the city.
A police officer told TNM that most of these emails are incoherent, abusive and sent to random IDs. On October 10, a bomb threat was sent to a foreign consulate and a YouTuber in Chennai. A part of the email said, “....No person in Tamil Nad will be in peace. Rename 5th Trust Cross Street, Mylapore as Periyar Street! Microsoft grace emails finished, this is the last. Russian FSB helped with one Yandex, so this is our last. We're done our job, going to swallow the cyanide as commanded. Good Luck, Evacuate All Soon! (sic)”
“The emails use names of politicians, actors, etc. and read like gibberish. But we still cannot take a chance and need to inspect each time,” the officer said.
The October 10 email used the name of the late Chief Minister Jayalalithaa. The mail, which threatened to blow up the Delhi High Court using three IEDs on September 12, was sent from an Outlook mail which used the name of Member of Parliament M Kanimozhi from Dravida Munnetra Kazhagam (DMK), along with an offensive word in Tamil.
TN actor-turned-politician S Ve Shekhar said he has received 73 threat mails in a span of one month, apparently the highest number of hoax mails to a single individual. Speaking over the phone on November 11, Shekhar said that the bomb and dog squad had then finished its 14th inspection in a month at his house. He said that he has received emails from Outlook IDs in the name of politicians, especially DMK leaders.
One recent hoax email was sent in the name of his granddaughter. “I suspect that a Tamilian is behind this. Some emails have quoted my interviews that appeared in local newspapers. The sender has threatened me over my plans to associate with DMK. The threat mails started after I quit the BJP,” Sekhar said.
He said his family members were worried initially, but not anymore. According to Sekhar, the mails from Outlook stopped after the TN police wrote to Microsoft. However, a new chain of emails began appearing from Tor, a browser which enables anonymous communication.
In the latest threat mail sent to DGP Tamil Nadu on November 11, Sekhar's residence was mentioned among seven places, including Madras High Court, Health Minister's house, Free Mason Lodge and the residences of actors Ajith Kumar and Ramya Krishnan, where the sender claimed to have planted IEDs. The email sent from ‘arjundurari_rajasankar@mail2tor.email’ also mentioned Faridabad, where a suspected terror module was busted in a joint operation by police in Jammu & Kashmir, Haryana and Uttar Pradesh.
Breaking the VPN barrier
In mid-June this year, several schools in Bengaluru received bomb threats, sparking panic among parents. At least seven schools under Kumbalgodu, RR Nagar, and Kalasipalya police stations were targeted. The police, after extensive searches, concluded it to be a hoax.
The suspect was arrested within days, in connection with another high-profile case. While the misuse of VPNs poses a major challenge for investigations, the Ahmedabad police in June managed to crack the case even though the tech-savvy suspect had hidden behind multiple layers of privacy.
The accused, Chennai-based robotics engineer Rene Joshilda, was arrested by the Ahmedabad police while investigating a threat email received by BJ Medical College a day after the ill-fated Air India flight crashed on one of its buildings. By then, the 30-year-old techie had sent around 21 hoax bomb threats via VPN emails to around 12 states, including Bengaluru schools and BJ Medical College. The reason? She wanted to take revenge on her colleague, whom she secretly loved. The man, reportedly unaware of her interest, had married another woman in February.
Rene, with her expertise in IT, had used multiple layers of privacy to ensure her anonymity while using her colleague’s name in the IDs to trap him. However, her technical prowess or tactful use of VPNs could not keep her identity hidden for long. Two mistakes landed her in the police net. One, she sent mail to BJ Medical College claiming responsibility for the crash of AI 171, which brought the attention of all major national security agencies to the case. The second was a crucial technical mistake. She once logged into her real and fake email IDs from a single device.
Rene’s arrest was widely perceived as the end of the trouble. However, the VPN hoax mails continue to pose a headache to the police. Kerala and TN police suspect that the emails seem to come from a single handle due to the recurrent pattern in the content.
Fatigue of repeated hoax threats
Across the states, police share similar stories of fatigue after going through vigorous drills based on hoax threats. “When we receive a threat, the first response is to ensure safety. Checking whether it is a credible threat comes next. We have a standard operating procedure that should be followed no matter what. We have to pool in men and machinery to conduct searches. Even the dogs in our squad are exhausted. However, there is no choice but to go through the exercise. We can't take chances just because all emails so far were hoaxes,” said a senior police officer in Kerala.
Karnataka police too shared similar sentiments. "We can't take it lightly. We have to visit the institution and follow the protocol. A thorough inspection has to be conducted using the bomb disposal squad. It would normally take around an hour to complete the exercise," said D Devaraja, Deputy Commissioner of Police (Bengaluru East)
Kullu SP Karthikeyan said that it was not easy to make an estimate of the economic cost of each search. “There is a cost involved in arranging specialised teams such as the bomb squad and dog squad, etc. We have to rope in services like ambulances and fire and rescue. Imagine, if we are evacuating a district collector’s office over a threat, the citizens who come there too are troubled by this. The search could last for hours, depending on the institution,” he said.
Schools and airports bear the brunt.
Schools and airlines are the main targets of hoax bomb threats. As per reports, 300 educational institutions were targeted in a single day in September in Delhi. Over 150 schools in the Delhi-NCR region alone were affected by hoax bomb threats from January to August this year. Besides the disruption of normal functioning of the institutions, such threats push parents, staff and students into emotional turmoil. The psychological impact is evident when institutions see a dip in attendance a day after the blast near Red Fort in Delhi on November 10. A series of hoax threats had disrupted the normal functioning of schools in Bengaluru and Chennai recently.
The economic cost is manifold when miscreants target airports and airlines with hoax threats. In April 2025, Union Minister of State for Civil Aviation Murlidhar Mohol presented data in the Lok Sabha, showing there had been a huge increase in the hoax bomb threats received by airline operators in the country in the last two years. According to him, airline operators received a total of 836 hoax bomb threats from 2022 to March 25, 2025. The numbers went up from just 12 in 2022 to 71 in 2023 and a whopping 728 by 2024. By March 2025, airline operators had recorded 24 hoax threats.
Though there were 728 hoax threats in 2024, only 13 arrests were made during that period.
As per a discussion in the Lok Sabha in 2017 regarding the estimated loss incurred by airlines and airports due to fake calls, the Union Ministry said that it was difficult to quantify the loss in monetary terms. Hoax calls result in loss of money and time, credibility of airlines, in addition to inconvenience caused to passengers.
Considering the increased use of social media platforms by miscreants to issue bomb threats, the Union Ministry of Electronics and IT, in October last year, issued an advisory to such intermediaries, directing them to remove hoaxes, report threats, and cooperate with authorities. Social media platforms were asked to promptly remove unlawful content to maintain public order and security.