Pune: In a striking case that highlights the evolving sophistication of cybercrime, a poultry company in Pune has fallen victim to a ‘whale phishing’ attack, losing approximately ₹70 lakh in a carefully orchestrated fraud. The incident has raised serious concerns about rising cyber threats in the corporate sector, where attackers are increasingly using advanced techniques to exploit internal communication systems.
FCRF Academy Launches Premier Anti-Money Laundering Certification Program
According to details, the fraudsters first compromised the mobile phone of the company’s accountant. By gaining access to his device, they manipulated his contact list and exploited existing communication channels to impersonate the company’s Chief Executive Officer (CEO). Using the CEO’s name and display picture on WhatsApp, the attackers sent convincing messages instructing the accountant to transfer funds.
Fraud executed through trusted WhatsApp conversation
The incident occurred on the afternoon of April 15, when the accountant received a WhatsApp message appearing to be from the CEO. What made the scam particularly convincing was that the message was sent within an existing chat thread, mimicking previous conversations and communication patterns.
The message instructed the accountant to transfer ₹70 lakh to a specified bank account. Trusting the authenticity of the request, the accountant processed the transaction. Shortly afterward, another message followed, asking for an additional ₹30 lakh transfer to a different account.
This time, suspicion arose, prompting the accountant to verify the request. It was then discovered that the company had already been defrauded, and the initial ₹70 lakh had been transferred to accounts controlled by the cybercriminals.
Phone hacking and identity theft
Preliminary findings suggest that the attackers had already gained unauthorized access to the accountant’s phone before executing the scam. This access allowed them to monitor communications, alter contact details, and seamlessly insert themselves into ongoing conversations.
By exploiting internal communication channels, the fraudsters created a convincing illusion of legitimacy. Experts describe this as an advanced form of whale phishing—a targeted cyberattack where senior executives or key decision-makers are impersonated to trick employees into authorizing large financial transactions.
Use of mule accounts to obscure money trail
The stolen funds were routed through multiple mule accounts—bank accounts typically opened using fake or rented identities—to make tracking and recovery difficult. Such operations are often carried out by organized cybercrime networks that combine technical expertise with psychological manipulation.
Following the incident, the company filed a complaint with the cybercrime authorities, and an investigation has been initiated. Officials are now analyzing call records, digital footprints, and banking transactions to trace the perpetrators.
Rising trend of corporate-targeted cyber fraud
This case underscores a growing trend where cybercriminals are shifting their focus from individuals to corporate entities. Employees handling finance and accounting functions are particularly vulnerable, as they are often authorized to process high-value transactions.
Renowned cybercrime expert and former IPS officer Prof. Triveni Singh explains, “Whale phishing attacks represent one of the most dangerous forms of social engineering. Criminals gather internal organizational data, build trust, and then exploit that trust to execute large-scale financial fraud. No financial instruction should be acted upon without proper verification.”
Organisations are advised to adopt multi-level authentication systems, including verbal confirmation and internal approval hierarchies, before processing significant transfers. Additionally, enabling two-factor authentication (2FA) and conducting regular cybersecurity training for employees can significantly reduce risks.
