Spoofed-Number CEO WhatsApp Impersonation
INDIA — By BharatSecure Threat Intelligence Team
Verdict: Suspicious | Risk Score: 8/10 | Severity: high
Category: UPI, WhatsApp, Phishing
How Spoofed-Number CEO WhatsApp Impersonation Works
Overview:
Scammers create WhatsApp profiles using spoofed or foreign numbers, complete with the CEO’s display picture and name. They message staff members, usually after business hours or during national holidays, and instruct them to urgently transfer money for confidential reasons. This scam manipulates employee trust and exploits the urgency of executive-level requests.

How It Works:
1. The scammer sets up a WhatsApp account using a number similar to (or in place of) the real executive's, and copies their profile details.
2. Target employees or finance teams receive messages from this account, claiming an urgent, confidential fund transfer or purchase is needed.
3. The scammer insists the staff not call or question the request, and often claims to be in a critical meeting.
4. Transfers are quickly made to third-party accounts or via UPI.

India Angle:
The scam is common in Indian SMEs and startups in Mumbai, Noida, Pune, and Ahmedabad, where high digital adoption and lack of strict payment controls exist. It also affects rural businesses unfamiliar with digital impersonation threats. Scammers may target local language speakers and use Hindi, Gujarati, or Marathi in their messages to appear authentic.

Real Examples:
- "I am in Delhi visiting clients, immediate UPI payment needed to finalise deal. Don’t call, just update me on WhatsApp."
- "Hi, this is your MD - transfer 5 lakh to this account for a one-time business opportunity. Should be confidential."

Red Flags:
- WhatsApp messages from unknown or foreign mobile numbers, even if profile photo matches boss’s.
- Pressure to keep the matter secret and avoid regular validation.
- Poorly written or unusually terse language.
- Request for urgent funds beyond normal limits.

Protective Measures:
- Don’t act on payment requests sent from new numbers, no matter the profile image.
- Independently verify such requests via phone or through another channel.
- Educate staff to always question abnormal payment behaviour.
- Limit the number of employees authorised for sensitive transactions.

If Victimised:
- Report the incident at cybercrime.gov.in and call 1930.
- Inform the bank for possible reversal or freeze.
- Save all suspicious WhatsApp screenshots for investigation.

Related Scams:
- Hijacked WhatsApp Web executive scam.
- Executive email impersonation phishing.
- Intracompany gift card fraud.
How This Scam Works — Detailed Explanation
Scammers employ various tactics to target employees within organizations, focusing especially on WhatsApp as a communication platform. They often begin by either using spoofed phone numbers that closely resemble the company's legitimate executive numbers or by purchasing foreign numbers which help maintain anonymity. With a quick online search, they can gather necessary details about the CEO, such as their profile picture, name, and even the company's structure. Once they have created a WhatsApp account featuring the CEO's real name and image, they initiate contact, typically after business hours or during holidays when responses may be more rushed and less scrutinized.
One of the primary tactics utilized by these scammers is psychological manipulation. By instilling a sense of urgency, they can effectively bypass rational thinking in their victims. The scammers often simulate scenarios where they claim they are in a meeting or dealing with a crisis, thus making the requested actions seem more urgent and confidential. For example, they might say, "I need you to transfer funds immediately for a project that must remain confidential." The language used in these messages, while often tailored to mimic the executive's style, may include unusual phrasing or grammatical errors that can serve as red flags. Victims may feel pressured to comply with these demands immediately without confirming the request through a phone call.
Once employees receive these fabricated messages, they may follow through on the instructions without verifying the source of the request. The scammers usually instruct them to transfer funds to a designated UPI ID, which can be linked to a fake or overseas account. They might reference a fictitious emergency payment to a vendor or other significant matters requiring swift action. Unfortunately, once the transfer is completed and the victim realizes the fraud, they usually find themselves unable to retrieve the money because it has already been moved to untraceable accounts. Such cases are prevalent across India and substantial monetary losses have been reported, with estimates suggesting that ₹300 crore was lost in UPI fraud during the last quarter alone.
The impact of these scams stretches beyond immediate financial loss. Organizations often face reputational damage, employee morale issues, and financial strain from unexpected expenses. The Ministry of Home Affairs (MHA) has warned companies about these impersonation scams, while banks and the Reserve Bank of India (RBI) stress the importance of employee training against such frauds. Additionally, cybersecurity advisories from CERT-In have highlighted the growing trend of CEO impersonation as a prominent threat. This signifies the critical need for awareness and prompt action in cases of suspected fraud. Victims who fall prey to such scams are encouraged to report incidents immediately to mitigate losses and potentially aid in recovering their funds.
It is crucial for employees and organizations to recognize the warning signs of such scams to distinguish between legitimate communications and fraudulent ones. Requests from unfamiliar numbers that impersonate a superior should raise immediate suspicion, as should demands for urgent transactions without prior conversation or confirmation. Additionally, understanding the context of communication—whether it aligns with business norms—can be vital. For instance, if a CEO typically discusses financial matters through email or face-to-face meetings, an unexpected WhatsApp message asking for money should arouse skepticism. Employees should be encouraged to verify any urgent requests for fund transfers through direct voice calls, particularly when dealing with sensitive operations like UPI payments or bank transactions, effectively minimizing the risk of falling victim to these schemes.
Visual Intelligence:
BharatSecure's AI has identified this as a used in scams targeting Indian users.
Who Does Spoofed-Number CEO WhatsApp Impersonation Target?
General public across India
Red Flags — How to Identify Spoofed-Number CEO WhatsApp Impersonation
- WhatsApp request from unknown or foreign number using boss’s name and photo
- Requests for urgent fund transfer without call confirmation
- Message tone is slightly wrong or language is poor
- Claims of being in a meeting, asks for secrecy
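The red flags above can be turned into a first-pass triage check for a finance team's inbox. The following is an added example, not BharatSecure's own code; the executive directory, phone numbers, phrase patterns and verdict names are all constructed assumptions for illustration.

```python
import re

# Assumed directory of verified executive numbers (constructed sample data).
KNOWN_EXEC_NUMBERS = {"Anita Rao": "+919800000001"}

# Phrase patterns drawn from the red flags listed on this page (assumed wording).
PATTERNS = {
    "urgency": r"\b(urgent(ly)?|immediate(ly)?|right away|asap)\b",
    "secrecy": r"\b(confidential|secret|don'?t (call|tell)|do not call)\b",
    "in_meeting": r"\b(in a meeting|visiting clients|can'?t talk)\b",
    "payment": r"\b(upi|transfer|payment|lakh|account)\b",
}

def normalise(number):
    """Strip spaces, dashes and brackets so numbers compare reliably."""
    return re.sub(r"[^\d+]", "", number)

def triage(display_name, sender_number, text):
    """Return (flags, verdict) for one inbound WhatsApp message."""
    flags = []
    number = normalise(sender_number)
    known = KNOWN_EXEC_NUMBERS.get(display_name)
    # Display name matches an executive but the number is not the verified one.
    if known is not None and number != known:
        flags.append("name_number_mismatch")
    if not number.startswith("+91"):
        flags.append("foreign_number")
    body = text.lower().replace("’", "'")
    for name, pattern in PATTERNS.items():
        if re.search(pattern, body):
            flags.append(name)
    impersonation = "name_number_mismatch" in flags or "foreign_number" in flags
    if impersonation and "payment" in flags:
        verdict = "hold_and_verify_by_call"
    elif "payment" in flags and ("urgency" in flags or "secrecy" in flags):
        # Verified number, but still an urgent or secret payment request.
        verdict = "verify_before_paying"
    else:
        verdict = "no_action"
    return flags, verdict

# Constructed sample messages modelled on the page's quoted examples.
SAMPLES = [
    ("Anita Rao", "+44 7700 900123",
     "I am in Delhi visiting clients, immediate UPI payment needed. "
     "Don't call, just update me on WhatsApp."),
    ("Anita Rao", "+91 98000 00001", "Please share the Q3 deck before Monday."),
]

if __name__ == "__main__":
    for name, num, msg in SAMPLES:
        print(num, triage(name, num, msg))
```

A keyword check like this only prioritises messages for review; the call-back to the executive's known number remains the actual control.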
What To Do If You Encounter Spoofed-Number CEO WhatsApp Impersonation
- Report any suspicious WhatsApp messages to 1930 or cybercrime.gov.in immediately.
- Verify the identity of the sender by calling your CEO directly using their known phone number.
- Do not transfer any funds until you have confirmed the request through a reliable channel.
- Inform your HR or finance department about the attempted scam as early as possible.
- Change any company-related access codes or passwords that might be compromised.
- Keep a record of the communication and details of the incident for future reference.
How to Report Spoofed-Number CEO WhatsApp Impersonation in India
- Call 1930 — National Cyber Crime Helpline (24x7)
- File a complaint at cybercrime.gov.in
- Contact your bank immediately if money was lost
- Call RBI helpline: 14440 for banking fraud
Frequently Asked Questions
- What to do if I shared my UPI ID in a suspected scam?
- Immediately notify your bank using helplines like SBI 1800-11-1109 or HDFC 1800-202-6161 to freeze any transactions. Report the incident to 1930 or cybercrime.gov.in.
- How can I identify a spoofed-number CEO WhatsApp impersonation?
- Check whether the number is unfamiliar or foreign, and look for grammatical errors or odd phrasing in the message. Legitimate requests typically come from familiar or verified numbers.
- How to report this type of scam in India?
- You can report incidents at 1930, visit cybercrime.gov.in, or contact your bank directly for assistance in reporting fraud.
- What are the steps to recover money after falling for this scam?
- Contact your bank immediately to report the fraud and seek assistance. Keep all communication records as evidence and report to cybercrime authorities at 1930 or cybercrime.gov.in.
Verify Any Suspicious Message
Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.