Noida Accountant Duped by Fake Director Profile — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 28, 2026

Severity: HIGH | View Full Scam Details

Noida Accountant Duped by Fake Director Profile Scam in India 2026: Beware of This Phishing Trap

A rising phishing scam in 2026 is targeting Indian accountants, especially in Noida, where fraudsters impersonate company directors to swindle money.

What Is the Noida Accountant Duped by Fake Director Profile?

This scam involves fraudsters creating fake social media profiles or messaging accounts that appear to belong to company directors. They specifically target accountants, finance officers, or employees responsible for company payments in cities like Noida, which is a major industrial and IT hub in India. The fraudsters pose as legitimate directors – often mimicking names, photos, and company details – to gain trust and pressure the accountant into executing fraudulent transactions.

Such scams have been increasingly reported across India, reflecting a worrying trend of social engineering frauds targeting business personnel. According to complaints reported to local police and cybercrime cells, several accountants have lost lakhs of rupees in a matter of minutes after following instructions from these fake director profiles. The severity of the scam ranks high due to the direct financial impact and growing sophistication of these impersonations.

While there is no dedicated advisory solely addressing director profile impersonation scams yet, the Indian Computer Emergency Response Team (CERT-In) and the Ministry of Home Affairs’ Indian Cyber Crime Coordination Centre (I4C) regularly warn about phishing and social engineering tactics. The Reserve Bank of India (RBI) also emphasizes stringent verification before authorizing payment instructions, especially in corporate transactions.

How This Scam Works — Step by Step

1. Initial Contact via WhatsApp or LinkedIn: The accused fraudster creates a fake profile appearing as the company director, often using a professional photo and the exact spelling of the name. They reach out to the accountant claiming to need urgent help with payments.

2. Building Trust: They engage in casual conversation, sometimes referring to current projects or company details already known publicly or leaked from weak corporate cyber hygiene.

3. Urgent Payment Request: The fake director asks the accountant to process a high-value payment immediately, often citing reasons like urgent supplier dues or regulatory compliance fines.

4. Sending Fake Invoice or Document: To support the request, the fraudster sends a fake invoice or official-looking document via WhatsApp or email, pressuring the accountant to act fast without consulting others.

5. Use of UPI or Bank Transfers: The accountant is asked to transfer funds via UPI or bank wire to a specified account or UPI ID — usually ending with a generic bank name but not matching known suppliers or company accounts.

6. Blocking and Disappearing: Once the funds are transferred, the fraudster deletes the fake profile or blocks the accountant. The money is quickly withdrawn or moved through multiple accounts, leaving the victim helpless.

Real Warning Signs to Watch For

• The request comes from an unexpected or new WhatsApp/LinkedIn account even if it appears to be the director.
• The message urges immediate action with a sense of urgency or secrecy.
• Payment details do not match known suppliers or previously verified company accounts.
• The "director" refuses voice or video calls or meeting requests.
• The invoice or document contains subtle spelling errors, inconsistent letterheads, or mismatched contact numbers.
• Multiple urgent payment requests outside of normal business procedures.
• The account or profile is recently created or has a low connection network.

What Happens to Victims

Victims, such as accountants, often lose significant sums ranging from tens of thousands to lakhs of rupees through these scams. Because payments are made through UPI or bank transfers, reversing transactions can be difficult, especially if the funds are withdrawn quickly. Unlike some other fraudulent transactions where banks might enable a quick UPI refund in cases of error, payments to fraudulent accounts via authorization do not usually qualify for reversal.

Beyond the financial loss, victims face emotional stress, professional embarrassment, and loss of trust among colleagues and management. A compromised reputation can impact career prospects and professional credibility. Additionally, the misuse of Aadhaar or mobile SIM swap incidents reported in some cases have made victims vulnerable to further identity theft, compounding their troubles.

What RBI and CERT-In Say

The RBI has issued general advisories warning individuals and companies to verify payment instructions rigorously and not to rely solely on messages, emails, or calls asking for transfers without cross-checking through official channels. RBI’s Customer Education & Protection Department suggests always confirming financial transactions with known contacts and using multi-factor authentication for online banking.

CERT-In emphasizes awareness about phishing and social engineering attacks. They urge users to verify sender identities, avoid clicking on suspicious links, and report incidents to the 1930 cybercrime helpline. The I4C portal at cybercrime.gov.in allows victims to file accurate complaints and seek timely assistance. Though these authorities do not yet have scam-specific guidelines for fake director profiles, they stress the importance of corporate cybersecurity best practices.

How to Protect Yourself

1. Verify Payment Requests: Always cross-verify payment instructions received over WhatsApp or LinkedIn by calling the director on a previously known official number or in-person confirmation.
2. Check Sender Profiles: Look for account creation dates, mutual connections, and account activity before trusting new contact profiles claiming to be company officials.
3. Follow Company SOPs: Stick to company payment procedures, including multiple approvals and use of official communication channels for payment requests.
4. Avoid Urgency Pressure: Refuse to make payments under pressure or secretive conditions; ask for time to verify.
5. Scrutinize Documents: Verify authenticity of invoices or documents with procurement or legal departments, looking for inconsistencies.
6. Secure Mobile Devices: Use PINs, biometrics, and app locks on finance and communication apps.
7. Report Suspicious Activity: Inform the manager, IT department, and cybercrime authorities immediately on suspected fraud attempts.

What to Do If You've Been Targeted

• Immediately contact your bank to report the fraudulent transaction and request a freeze on your accounts linked with the transfer.
• Change all related passwords and enable multi-factor authentication for banking and messaging apps.
• Report the incident to your company’s legal or compliance division without delay.
• File a complaint with the cybercrime portal at cybercrime.gov.in detailing the scam and providing all communication evidences.
• Call the Indian Cyber Crime Coordination Centre helpline at 1930 for guidance and support.
• Inform CERT-In via their reporting channels if your devices or systems have been compromised.

Frequently Asked Questions

Q: How can I confirm if the director’s profile is fake?
A: Check the profile’s creation date, mutual contacts, and inconsistencies in their messages. Always confirm payment requests by calling a verified official phone number or face-to-face if possible.

Q: Can I get my money back after transferring funds to the fraudster’s account?
A: Fund recovery is difficult once payment is authorized, especially via UPI or bank transfers. Promptly reporting to the bank and cybercrime authorities improves chances but does not guarantee refunds.

Q: What should I do if I receive a suspicious payment request from a company executive?
A: Do not act immediately. Verify through other official channels, inform your manager, and escalate to the company’s compliance team before processing any payment.

Check suspicious messages or profiles on BharatSecure.app, and report any digital fraud to the 1930 cybercrime helpline to protect yourself and others.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.