Boss Scam Fraud Surges Across India, TGCSB Warns Public

The Telangana Cyber Security Bureau (TGCSB) has issued a public advisory warning government departments, businesses, and organisations about an increasing cyber fraud known as the 'Boss Scam' or CEO impersonation fraud.

According to the advisory, more than 300 complaints related to the scam have been reported nationwide within a span of nearly 20 days, prompting concerns over the increasing use of malware and impersonation tactics by cybercriminals.

The advisory states that fraudsters are targeting senior executives, government officials, business owners, and organisational leaders through emails and WhatsApp messages disguised as urgent regulatory, compliance, or official communications.

Investigators said the scam typically begins with cybercriminals sending malicious ZIP or RAR files disguised as notices, compliance documents, or urgent communications. Once the attachment is opened, malware is installed on the victim's device, allowing unauthorised access to active WhatsApp Web sessions and other sensitive information.

The compromised accounts are then used to impersonate senior officials or company executives. Fraudsters send instructions to employees, finance teams, or subordinate staff, pressuring them to make urgent financial transfers or disclose confidential information.

The TGCSB said the scam relies heavily on exploiting trust, authority, and urgency, often convincing victims to bypass established approval procedures in the belief that the instructions have come directly from a senior official.

Officials have advised organisations to be alert to warning signs, including unexpected ZIP or RAR attachments, messages marked as urgent compliance requests, instructions received solely through email or WhatsApp, requests for confidential financial transactions, and attempts to circumvent standard approval processes.

The bureau urged businesses and government departments to independently verify all financial instructions through direct phone calls or official communication channels, regardless of the apparent sender's identity.

It also recommended enabling multi-factor authentication, regularly reviewing active WhatsApp Web sessions, avoiding suspicious attachments, and conducting regular cyber security awareness programmes for employees.

The bureau has asked victims or those who encounter such fraud attempts to report them immediately through the National Cybercrime Helpline on 1930 or the National Cybercrime Reporting Portal.