What to do if I shared my OTP in a UPI scam?

Immediately contact your bank's helpline (SBI: 1800-11-1109, HDFC: 1800-202-6161) to block your account and report the incident. Monitor your account for unauthorized transactions.

How can I identify an Executive Impersonation scam?

Look for urgent requests marked as confidential, messages pushing for immediate action, and requests that discourage direct verification. Verify any unusual instructions.

How to report this type of scam in India?

You can report the scam to the national cybercrime helpline at 1930, visit cybercrime.gov.in, and inform your bank about the fraudulent activity.

How to recover money or protect accounts after this scam?

Contact your bank immediately to freeze your account and discuss recovery options. Change your online banking passwords and monitor transactions closely.

Executive Impersonation for Urgent Transfers

INDIA — By BharatSecure Threat Intelligence Team · Updated May 14, 2026

Verdict: Suspicious | Risk Score: 10/10 | Severity: critical

Category: UPI, WhatsApp

How Executive Impersonation for Urgent Transfers Works

Overview: In this Business Email Compromise (BEC) variant, fraudsters impersonate CEOs, CFOs, or senior leaders to pressure junior finance staff into making quick, high-value transfers. The urgency and secrecy in these messages manipulate victims into skipping regular checks. This scam targets Indian companies of all sizes, especially during peak business hours or holidays when executives are likely unavailable. How It Works: 1. Scammers gather company hierarchy and employee details from social media or public filings. 2. They craft emails, WhatsApp messages, or SMS that spoof the senior executive's identity or display name, sometimes referencing confidential company activity. 3. Typical messages claim, “I’m in a board meeting, transfer ₹18 lakhs for urgent acquisition. Don’t inform others." 4. The request is marked as urgent and confidential, creating psychological pressure. 5. Victims, convinced they’re helping their boss, process the payment—often to a never-before-used beneficiary account owned by the attackers. India Angle: - Heavily adapted to Indian workplaces: WhatsApp is used alongside email for extra urgency. - Mid-sized companies and SMEs in metros (Delhi, Bengaluru, Mumbai) are commonly targeted; approval controls are less formal here. - The scam often strikes during month-end or fiscal closure, when staff are distracted. Real Examples: - A Mumbai accounts team member gets a WhatsApp message: “Please approve swift payment to this account, informing no one. It’s time-sensitive!” - Email arrives from '[UPI_REDACTED].co.in' (extra character in domain): “Treat as urgency—update me when done. Out of office, can’t take calls!” Red Flags: - Executive requests not following standard payment approval chain - Strong secrecy combined with urgency (“Keep this confidential”) - Message sent outside regular office hours - Brand new beneficiary account for a large sum - Message formatting or tone slightly differs from regular communication Protective Measures: - Never process sensitive payments solely based on digital communication - Call the executive on a publicly known number for confirmation - Implement dual authorization for all big transactions - Train staff to spot urgency plus secrecy as a classic scam sign - Encourage a workplace culture where all unusual requests are challenged If Victimised: - Contact your bank immediately to halt the transaction - Report to 1930, cybercrime.gov.in, and inform RBI for high-value frauds - Preserve all digital communications for investigation - Notify management and IT teams for review Related Scams: - Vendor Payment Diversion scams - Dual-channel BEC (email + WhatsApp pressure) - Payroll or data harvesting under fake boss requests

How This Scam Works — Detailed Explanation

In today's digital landscape, scammers have become remarkably sophisticated, particularly in the realm of business transactions. The Executive Impersonation for Urgent Transfers scam is a troubling example where fraudsters conduct their research primarily through social media platforms such as LinkedIn and Facebook, as well as corporate websites. They utilize these platforms to gather details about company hierarchies, employee roles, and internal communication styles. Once they've identified key individuals, they may also monitor email exchanges to create a more convincing impersonation. This preparation phase often involves the collection of employee names, designations, and even specific financial processes that could easily be exploited.

Scammers typically employ a range of psychological tactics to create a sense of urgency and authority. By impersonating top executives such as CEOs or CFOs, they send emails that seem legitimate at first glance. These emails are often marked as 'confidential' and feature requests for immediate action on seemingly urgent financial transactions. The language used often implies dire consequences if the request is not met swiftly, pushing frightened employees to comply without following standard verification protocols. This psychological manipulation is exacerbated by the timing of the scams, often occurring during peak business hours or holidays when key personnel may be unavailable to question the authenticity of the request.

Once a victim falls for the scam, the access to funds happens in several alarming steps. For instance, a finance executive may receive an email requesting an urgent UPI transfer to a newly added beneficiary. Trusting the sender's identity, the employee fails to confirm via phone or in person — a tactic often discouraged in the email. The employee initiates the transfer through their banking app, such as SBI YONO or HDFC NetBanking, often making large payments that sting operations. Unfortunately, these funds rarely return to the original account as they are typically withdrawn in cash or moved to various undisclosed accounts almost instantly. Real-life examples include cases wherein Indian companies have reported losses exceeding ₹350 crore in the past year alone, underscoring the grave financial threat posed by this scam.

Examining the larger picture, the implications of Executive Impersonation for Urgent Transfers in India are alarming. According to reports, the Ministry of Home Affairs (MHA) and the Reserve Bank of India (RBI) have been emphasizing cybersecurity awareness amid a surge in business email compromise scams. CERT-In frequently publishes advisories warning businesses about these risks. Many business owners remain unaware of the extent to which their company can be targeted, especially during critical financial periods. The situation is corroborated by the staggering amounts lost, with millions, if not billions, being siphoned off through such scams, representing a major risk for Indian enterprises.

Understanding how to differentiate legitimate communications from scam attempts is crucial. Genuine requests usually contain clear, professional language with follow-up contact options, including phone numbers or scheduled meetings. If you receive a payment request from a superior, always verify through a different communication channel — do not reply to the original email. Especially in UPI transactions, if a request appears inconsistent with your company's usual protocols, question it. Be particularly wary of messages insisting on confidentiality and those arriving outside of regular business hours. By taking these simple steps, you can safeguard your organization from these damaging attacks.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Executive Impersonation for Urgent Transfers Target?

General public across India

Red Flags — How to Identify Executive Impersonation for Urgent Transfers

Unusual executive payment requests marked as confidential
Newly added payment beneficiaries for large amounts
Message discourages phone or in-person verification
Arrives outside standard business hours
Short, urgent, off-tone messages from supposed bosses

What To Do If You Encounter Executive Impersonation for Urgent Transfers

Report any suspicious communications to 1930 or visit cybercrime.gov.in.
Verify urgent payment requests with your immediate supervisor or through a direct phone call.
Always use secure communication channels to discuss sensitive financial decisions.
Educate fellow team members about this scam and its warning signs during meetings.
Keep your company's payment protocol updated and include verification steps.
Maintain regular audits of payment requests and beneficiary details.

How to Report Executive Impersonation for Urgent Transfers in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?: Immediately contact your bank's helpline (SBI: 1800-11-1109, HDFC: 1800-202-6161) to block your account and report the incident. Monitor your account for unauthorized transactions.
How can I identify an Executive Impersonation scam?: Look for urgent requests marked as confidential, messages pushing for immediate action, and requests that discourage direct verification. Verify any unusual instructions.
How to report this type of scam in India?: You can report the scam to the national cybercrime helpline at 1930, visit cybercrime.gov.in, and inform your bank about the fraudulent activity.
How to recover money or protect accounts after this scam?: Contact your bank immediately to freeze your account and discuss recovery options. Change your online banking passwords and monitor transactions closely.

Related Scams in India

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.