What to do if I shared my OTP in a UPI scam?

Immediately report the incident to your bank, such as SBI at 1800-11-1109 or HDFC at 1800-202-6161. Change your banking passwords and contact the cybercrime helpline at 1930.

How can I identify a WhatsApp CEO impersonation scam?

Look for inconsistencies in the profile picture, check for different phone numbers used, and be wary of requests that create a false sense of urgency without prior communication.

How do I report this type of scam in India?

You can report it by contacting the cybercrime helpline at 1930 or by filing a complaint at cybercrime.gov.in. Additionally, inform your bank about the fraud.

How can I recover money or protect accounts after this scam?

Contact your bank immediately to report the fraud and ask for assistance in recovering funds. Also, monitor your accounts for suspicious activity and change passwords for security.

WhatsApp CEO Impersonation Payment Request

INDIA — By BharatSecure Threat Intelligence Team · Updated May 29, 2026

Verdict: Suspicious | Risk Score: 7/10 | Severity: high

Category: UPI, WhatsApp

How WhatsApp CEO Impersonation Payment Request Works

Overview: This scam sees fraudsters gain access to executive images or personal data and create a convincing WhatsApp profile matching a real CEO or director. They then message finance staff requesting confidential, urgent UPI or NEFT payments. The risk is high since WhatsApp is widely trusted for internal business communication, making the scam appear authentic. How It Works: The scammer creates a WhatsApp profile with the executive's actual photograph, real name, and (often) status message. They send messages to staff, usually during work hours, insisting the matter is private and needs fast action. Phrases like 'Can't take calls; in meeting' or '

How This Scam Works — Detailed Explanation

Fraudsters often begin their operations by researching executives of companies, particularly those in finance or senior management positions, using platforms like LinkedIn or company websites. They gather personal details, including photographs and job titles, which they use to create convincing WhatsApp profiles that closely resemble the actual executives. Through social engineering, they often obtain personal contact information, enabling them to initiate communication with finance teams within the organization. This setup is further facilitated by the widespread use of WhatsApp as a trusted communication tool among company employees, making any request that comes via this platform look legitimate and urgent.

Once the scammer has created a fake WhatsApp profile, they employ psychological tactics to manipulate the victims. They craft messages that mimic the tone and style of the real executive, often incorporating urgency and confidentiality into their requests. For instance, they might pose an unexpected payment issue requiring immediate resolution, thus creating a sense of panic. The intimidating use of authority, coupled with the suggestion that this is a privileged conversation, further pressures finance employees to act quickly without verifying the authenticity of the request. This psychological play leads victims to overlook critical red flags, putting their companies at risk.

As the scam unfolds, victims receive messages requesting them to make a UPI or NEFT payment to an account supposedly related to an urgent matter, such as a supplier payment or tax compliance. An example from India highlighted that an employee at a major corporation fell into this trap, transferring ₹20 lakh to a fraudster's account after receiving an urgent request from a fake WhatsApp account purportedly belonging to the CFO of the company. Victims might only realize they have been duped after the transaction is completed, with the fraudster disappearing into anonymity soon after, leaving the employees distressed and their companies financially compromised.

The real-world impact of these scams is significant. According to the Ministry of Home Affairs (MHA), India saw an increase in UPI fraud cases, with estimated losses surpassing ₹1,000 crore in recent years due to various fraud techniques, including CEO impersonation scams. The Reserve Bank of India (RBI) and CERT-In have issued guidelines warning financial institutions and users about the rising instances of such scams. The scam remains a critical issue, with countless companies suffering reputational damage and financial losses. Victims are urged to take precautionary measures and be vigilant when processing urgent transactions directed through platforms like WhatsApp.

To identify potential scams, one must be discerning when it comes to communications that request financial actions. Legitimate requests usually come with formal documentation and can be double-checked through established channels within the organization. Always verify any unusual payment requests by contacting the individual through official channels — do not rely on the WhatsApp communication alone. Establishing a clear protocol for financial transactions within your organization can also be a vital step to prevent falling victim to such scams.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does WhatsApp CEO Impersonation Payment Request Target?

General public across India

What To Do If You Encounter WhatsApp CEO Impersonation Payment Request

Report the incident immediately by calling the cybercrime helpline at 1930 or visiting cybercrime.gov.in.
Notify your bank about the potential fraud to attempt transaction reversal or freezing of accounts.
Verify the identity of the person making the payment request via a separate communication channel.
Educate your finance team about the possibility of such scams and how to identify them.
Implement a dual verification process for any transactions over a certain amount.
Regularly train staff to recognize and respond to phishing and impersonation attempts.

How to Report WhatsApp CEO Impersonation Payment Request in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?: Immediately report the incident to your bank, such as SBI at 1800-11-1109 or HDFC at 1800-202-6161. Change your banking passwords and contact the cybercrime helpline at 1930.
How can I identify a WhatsApp CEO impersonation scam?: Look for inconsistencies in the profile picture, check for different phone numbers used, and be wary of requests that create a false sense of urgency without prior communication.
How do I report this type of scam in India?: You can report it by contacting the cybercrime helpline at 1930 or by filing a complaint at cybercrime.gov.in. Additionally, inform your bank about the fraud.
How can I recover money or protect accounts after this scam?: Contact your bank immediately to report the fraud and ask for assistance in recovering funds. Also, monitor your accounts for suspicious activity and change passwords for security.

Related Scams in India

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.