Impersonation Scam Targets Company, Leads to 1.8 Million Rupee Loss — How to Identify & Stay Safe
INDIA — By BharatSecure Threat Intelligence Team
Severity: CRITICAL
In 2026, companies across India continue to face a critical phishing threat: impersonation scams that have caused losses exceeding ₹1.8 million, highlighting the urgent need for heightened digital vigilance.
What Is the Impersonation Scam That Led to a 1.8 Million Rupee Loss?
This impersonation scam involves fraudsters pretending to be trusted company officials, financial partners, or government authorities to trick employees into transferring large sums of money. The scam primarily targets Indian companies’ finance and accounts departments but can also hit small businesses and startups where financial controls may be less stringent.
In a recent reported incident, a business lost over ₹1.8 million after receiving a series of calls and emails allegedly from senior management demanding urgent payments. Such cases are increasingly widespread, with CERT-In (the Indian Computer Emergency Response Team) and the Inter-Departmental Committee on Cybercrime (I4C) noting a sharp rise in phishing attacks targeting company finances in India.
Both RBI and CERT-In have issued multiple advisories warning organisations to strengthen internal communication verification processes, as scammers exploit the trust within corporate workflows. These scams leverage social engineering techniques and spoofing technologies, often bypassing conventional email and phone filters.
How This Scam Works — Step by Step
- Initial Contact via Call or Email: The fraudster contacts an employee, typically from accounts or finance, claiming to be a high-ranking company official or government auditor.
- Urgent Payment Request: They insist on an urgent fund transfer for supposed vendor payments, tax clearances, or confidential transactions requiring immediate processing.
- Use of Spoofed Numbers/Emails: The caller ID or email address is manipulated to appear as if it is from the company CEO, CFO, or government authority, increasing credibility.
- Instructions for Wire Transfer or UPI Payment: The victim is directed to transfer money to a bank account or UPI ID (e.g., us**@bank), often accompanied by threats of penalties or legal action.
- Avoidance of Verification: The scammer discourages victims from consulting other team members or verifying via official channels, using urgency as pressure.
- Funds Withdrawn Quickly: Once the money is transferred, it is immediately withdrawn or routed through multiple accounts to evade tracing.
- Delayed Realisation: The victim company discovers the fraud hours or days later, after receiving complaints from original vendors or noticing discrepancies.
Real Warning Signs to Watch For
- Unexpected requests for urgent payments, especially outside normal procedures.
- Caller or email address spoofing that closely mimics official contacts but with slight anomalies.
- Pressure to bypass standard verification or approval workflows.
- Requests to transfer money to unknown accounts or UPI IDs not listed in company records.
- Communication demanding secrecy or discouraging consultation with others.
- Poor grammar, spelling errors, or unusual language in emails or texts claiming to be official.
- Deviation from regular company communication channels (e.g., sudden WhatsApp message from a ‘boss’).
What Happens to Victims
Victims of this impersonation scam often face significant financial loss, sometimes amounting to several lakhs or even crores of rupees due to large unauthorized transfers. For many Indian companies, especially MSMEs, losing ₹1.8 million or more can jeopardize operations and employee salaries.
Besides the direct monetary impact, companies endure reputational damage and operational disruptions. The emotional stress and mistrust generated within teams are considerable, with employees feeling betrayed or blamed despite being victims themselves. In some cases, Aadhaar or PAN details might be misused to lend credibility to fake communications, compounding the damage.
Victims often struggle with recovery because UPI and some bank transfers are instant and irreversible, especially once funds are withdrawn. SIM swapping or phishing can further block victims from timely reporting or controlling accounts.
What RBI and CERT-In Say
The Reserve Bank of India (RBI) has repeatedly emphasized strengthening authentication and validation of payment instructions, encouraging companies to implement multi-factor approval systems for large transactions. RBI’s guidelines urge companies to educate employees regarding such scams and verify instructions via independent channels.
CERT-In and I4C have issued advisories highlighting impersonation and phishing attacks as a ‘critical’ Indian cyber threat. Their recommendations include training employees, deploying email filtering solutions, and promptly reporting suspicious incidents to the 1930 cybercrime helpline.
RBI’s customer education webpage and CERT-In advisories stress never using shared links or non-official channels for payment confirmation. The government also encourages victims to lodge complaints on cybercrime.gov.in for investigative support.
How to Protect Yourself
- Verify Every Payment Request: Confirm requests for urgent payments through a different communication channel, such as a direct phone call to known executives.
- Set Up Multi-Person Approval: Use a system where no single person can authorize large fund transfers without at least one other senior’s sign-off.
- Train Employees Regularly: Conduct cybersecurity awareness sessions emphasizing phishing, spoofing, and social engineering risks.
- Be Skeptical of Urgent Pressure: Treat any payment demand framed as urgent or secret with suspicion and seek managerial guidance.
- Use Official Channels Only: Avoid processing payments based on WhatsApp or unofficial messaging; stick to recognised email IDs and phone numbers.
- Check Account Details Carefully: Cross-verify recipient UPI IDs and bank accounts with vendor lists before proceeding with transactions.
- Update and Monitor Systems: Keep anti-phishing software updated and monitor employee emails and phones for suspicious activity or SIM swaps.
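The checks in the list above can be enforced as a gate in front of payment release. The following sketch is an added example, not code from BharatSecure, RBI or CERT-In; the company domain, payee IDs, approval threshold and request field names are constructed assumptions.

```python
from difflib import SequenceMatcher

# All values below are constructed for illustration.
COMPANY_DOMAIN = "example-corp.in"
VENDOR_PAYEES = {"acme.supplies@examplebank", "ACCT-0001-EXAMPLE"}  # vendor master list
OFFICIAL_CHANNELS = {"email", "erp"}
DUAL_APPROVAL_ABOVE = 100_000  # rupees; assumed internal policy threshold


def lookalike(domain, official=COMPANY_DOMAIN, cutoff=0.85):
    """True when a sender domain is close to, but not exactly, the official one."""
    domain = domain.lower()
    if domain == official:
        return False
    return SequenceMatcher(None, domain, official).ratio() >= cutoff


def review_payment(req):
    """Return the reasons a payment request must be held; an empty list means release."""
    holds = []
    sender_domain = req["sender"].rsplit("@", 1)[-1].lower()
    if req["channel"] not in OFFICIAL_CHANNELS:
        holds.append("unofficial channel")
    if sender_domain != COMPANY_DOMAIN:
        holds.append("lookalike sender domain" if lookalike(sender_domain)
                     else "external sender")
    if req["payee"] not in VENDOR_PAYEES:
        holds.append("payee not in vendor list")
    # Large transfers need at least two distinct people signing off.
    if req["amount"] >= DUAL_APPROVAL_ABOVE and len(set(req["approvers"])) < 2:
        holds.append("needs a second approver")
    # Confirmation over a separate, already-known channel (e.g. a call back).
    if not req.get("callback_verified", False):
        holds.append("no out-of-band verification")
    return holds


# Constructed sample requests: a spoofed "urgent" instruction and a routine vendor payment.
SCAM_REQUEST = {"channel": "email", "sender": "cfo@example-c0rp.in",
                "payee": "new.payee@examplebank", "amount": 1_800_000,
                "approvers": ["accounts.clerk"], "callback_verified": False}
ROUTINE_REQUEST = {"channel": "email", "sender": "cfo@example-corp.in",
                   "payee": "acme.supplies@examplebank", "amount": 1_800_000,
                   "approvers": ["cfo", "finance.head"], "callback_verified": True}

if __name__ == "__main__":
    print(review_payment(SCAM_REQUEST))
    print(review_payment(ROUTINE_REQUEST))
```

A request is released only when the returned list is empty; any hold sends it back for verification through a known contact before money moves.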
What to Do If You’ve Been Targeted
- Immediately Inform Your Company’s IT and Finance Teams: Halt any ongoing transfers and freeze related accounts where possible.
- Report to Your Bank Promptly: Notify your bank about the fraudulent transaction and request urgent blocking or dispute resolution.
- Contact Cybercrime Helpline 1930: File a complaint detailing the scam with authorities via the National Cybercrime Reporting Portal or by calling 1930.
- Report Incident on cybercrime.gov.in: Use the government portal to register the case, enabling investigation and potential law enforcement action.
- Preserve All Evidence: Save all messages, call logs, emails, and payment receipts related to the scam.
- Inform RBI or CERT-In if Necessary: Follow up with official agencies’ reporting mechanisms for corporate fraud cases.
Frequently Asked Questions
Q: Can UPI transactions involved in this scam be reversed?
A: Generally, UPI transactions are instant and final. While banks may attempt to retrieve funds in fraud cases, reversal depends on how quickly the scam is reported and the cooperation of recipients. Prevention is crucial.
Q: How do scammers spoof phone numbers and emails?
A: Fraudsters use software tools to mimic legitimate phone numbers and email addresses. This “spoofing” makes the communication appear authentic, which is why independent verification is essential.
Q: What should a company do if an employee unknowingly authorized a scam transaction?
A: The company should immediately report the incident to banks, IT teams, and law enforcement. Internal damage control and employee counseling can help reduce future risks and handle emotional impact.
If you receive suspicious messages or calls requesting money or confidential data, always verify with BharatSecure.app’s scam alert tools and report fraud incidents promptly via the 1930 helpline.
Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.