CHANDIGARH: Punjab’s battle against a series of hoax bomb threat emails has now moved decisively into the cyber domain, with senior police officials admitting that the use of virtual private networks and foreign servers is making it extremely difficult to identify those behind the threats.
Over the past few months, at least nine major hoax bomb threat incidents have been reported across Punjab and the Tricity region. In January alone, nearly 30 schools received coordinated emails claiming explosives had been planted on their premises. Each alert led to evacuations, deployment of bomb disposal squads and hours of safeguard checks. No explosives were found in any case.
The pattern intensified this week. Several schools in Mohali received fresh threat emails. Around the same time, Fortis Hospital in Mohali was also targeted through an email that mentioned Chief Minister Bhagwant Mann, who was admitted there at the time. The reference to the Chief Minister triggered heightened security, with police conducting detailed searches of the hospital premises and surrounding areas before declaring the threat a hoax.
Soon after, similar emails were sent to the Punjab Civil Secretariat and the Chandigarh district court complex, once again forcing evacuations and security sweeps. While the threats turned out to be false, the recurrence has exposed a deeper technological challenge.
Punjab Director General of Police Gaurav Yadav said this week that investigators have traced the servers used in several of these emails to Bangladesh. He added that the state police are working with central agencies and seeking international cooperation to identify the perpetrators.
The DGP described the emails as attempts to create fear and disrupt the normal functioning of institutions. Senior officers involved in the probe said preliminary technical analysis shows that the emails were routed through VPN services with constantly changing IP addresses.
The rapid switching of digital locations, often across multiple jurisdictions, has made traditional tracing methods ineffective. In several instances, IP logs have led to temporary servers or foreign-based addresses, complicating efforts to obtain user data.
Investigators are now analysing metadata, language patterns and timing of the emails to identify possible links between incidents. Officials confirmed that many of the email accounts used were created with fake credentials and appear to be disposable.
Police have emphasised that every threat is treated as genuine until proven otherwise. Each email triggers full-scale security protocols, including evacuation, sniffer dog checks and bomb detection sweeps. Authorities say this approach is essential despite the hoax nature of the threats, as any lapse could have serious consequences. However, the repeated misuse of VPN technology has become a growing headache for the Punjab cyber cell. Apart from stretching police resources, the threats are disrupting education and government functioning.
Security has now been strengthened at key institutions, while cyber teams continue to coordinate with national and international agencies. For investigators, the immediate challenge is not only to calm public anxiety but to pierce the digital shield protecting the hoax mongers. Until that anonymity is broken, officials admit, the cycle of email threats and emergency responses may continue.
