New Delhi:
The Indian Cyber Crime Coordination Centre (I4C) has issued a warning about a rising cyber fraud dubbed the “boss scam”, in which cybercriminals impersonate regulators and senior executives to trick companies into making high-value financial transfers.
In an advisory issued on Monday, the National Cybercrime Threat Analytics Unit (NCTAU) under I4C said fraudsters are targeting chief executives and other senior officials through emails and WhatsApp messages posing as communications from regulatory authorities such as the Reserve Bank of India (RBI).
According to the advisory, the attackers claim the organisation has violated regulatory requirements or needs urgent security upgrades. The messages create a sense of urgency and contain a compressed ZIP file allegedly related to compliance or security updates.
Once the file is downloaded and executed on a Windows computer, malware is installed on the device. The malicious software can compromise the executive’s system and hijack active WhatsApp Web sessions, giving criminals access to the executive’s genuine WhatsApp account.
Using the compromised account, fraudsters then contact finance and accounts personnel, directing them to transfer funds to bank accounts controlled by the criminals. In some cases, attackers reportedly alter the device’s contact list and save an attacker-controlled number under the name of the CEO, making fraudulent payment instructions appear legitimate.
The advisory noted that finance departments are particularly vulnerable to such social-engineering attacks because requests appear to come directly from senior management.
To counter the threat, I4C has advised organisations to independently verify any urgent payment requests or account changes through voice calls or face-to-face confirmation rather than relying solely on WhatsApp messages or emails. It also urged users not to install executable files received from unknown sources, stressing that regulators such as the RBI do not distribute mandatory software updates through WhatsApp attachments.
The agency further recommended enforcing software restriction policies, regularly reviewing linked WhatsApp devices, and ensuring that Windows systems are protected with updated malware-detection solutions.
I4C has urged citizens and organisations to immediately report cyber fraud incidents by calling the national cybercrime helpline 1930 or through the National Cyber Crime Reporting Portal.
