
Hyderabad: The Telangana Cyber Security Bureau (TGCSB) has sounded an alert over a fast-spreading fraud in which cybercriminals impersonate senior executives and government officials to dupe employees into making unauthorised financial transfers, a scheme that has drawn over 300 complaints from across the country in less than three weeks.
In a public advisory, TGCSB Director Shikha Goel warned citizens, government departments, public sector organisations, private companies and business establishments about the scheme, commonly referred to as the “Boss Scam” or CEO impersonation fraud.
The alert follows an advisory issued by the Indian Cyber Crime Coordination Centre (I4C).
How it works
The fraud typically begins with an email or WhatsApp message carrying a ZIP or RAR file, dressed up as a compliance document, regulatory notice or urgent communication. Once the recipient opens the file, malware is installed on the device, giving the attacker access to active WhatsApp Web sessions and other data.
The criminals then use this access to pose as senior officials – a CEO, a department head or a government officer – and issue instructions to employees or finance teams, pressuring them into transferring funds or sharing confidential information without going through the usual approval channels.
The bureau listed several red flags to watch for: unsolicited compressed file attachments; messages marked “Urgent Compliance” or “Immediate Action Required”; instructions received solely through WhatsApp or email; requests to bypass standard financial approval procedures; and any unusual pressure to act immediately without independent verification.
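For mail administrators, the first two red flags can be checked automatically on inbound email. The sketch below is an added example, not part of the TGCSB or I4C advisory: the function names and the sample message are constructed for illustration, and the ZIP and RAR file signatures are used so that an archive renamed to another extension is still caught.

```python
import email
from email import policy
from email.message import EmailMessage

# Message markers quoted in the advisory.
URGENCY_MARKERS = ("urgent compliance", "immediate action required")
# Standard file signatures: ZIP local file header, RAR 4.x/5.x marker.
ARCHIVE_MAGIC = {b"PK\x03\x04": "zip", b"Rar!\x1a\x07": "rar"}
ARCHIVE_EXTS = (".zip", ".rar")


def archive_kind(filename, payload):
    """Return 'zip' or 'rar' if the part is an archive by content or name."""
    for magic, kind in ARCHIVE_MAGIC.items():
        if payload.startswith(magic):
            return kind  # content wins, so a renamed archive is still caught
    name = (filename or "").lower()
    return name.rsplit(".", 1)[-1] if name.endswith(ARCHIVE_EXTS) else None


def triage(raw_bytes):
    """Return the red flags found in one raw email message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    flags = []
    body = msg.get_body(preferencelist=("plain", "html"))
    text = (msg["Subject"] or "") + " " + (body.get_content() if body else "")
    for marker in URGENCY_MARKERS:
        if marker in text.lower():
            flags.append("urgency:" + marker)
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        kind = archive_kind(part.get_filename(), payload)
        if kind:
            flags.append("archive:" + kind)
    return flags


def constructed_sample(subject, filename, data):
    """Build a constructed test message (not a real captured email)."""
    m = EmailMessage()
    m["Subject"] = subject
    m.set_content("Please review the attached notice today.")
    m.add_attachment(data, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()
```

A message that raises both an urgency flag and an archive flag is a candidate for quarantine and manual review; the remaining red flags concern process and still need a human check through a trusted channel.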
What to do
The TGCSB advised employees who receive such messages not to respond or open any attachment, to verify the request independently through a trusted channel, to alert their IT or security team at once and to preserve evidence before reporting the incident.
Organisations have been urged to enable multi-factor authentication, review and log out of unused WhatsApp Web sessions regularly and hold periodic cyber awareness training for staff.