Hyderabad’s Cyberabad cybercrime police are investigating a major case of corporate fraud after senior executives at Greenko Group were duped into transferring ₹2.7 crore through a WhatsApp impersonation scam. The fraudsters impersonated Managing Director Anil Kumar Chalamalasetty using his photo and deceptive messaging to convince company officials to authorize high-value fund transfers.
The fraud was carried out in two phases during the first week of June. On June 2, the impersonator messaged Chief Financial Officer (CFO) Subrat Das using a display picture of the MD and requested an urgent payment of ₹1.95 crore. Following internal protocols, the CFO escalated the request to Chief Finance Controller Virendra Kasliwal, who instructed Senior General Manager Sripada Chandra Sekhar to release the funds. The money was transferred to an account under the name ONITSUKA Developers Pvt Ltd.
A similar strategy was used again on June 5, leading to another transfer of ₹75 lakh to an account belonging to Classic Constructions. The fraud came to light later that day when the payment details were shared with the MD’s office, only to discover that the request had never been made by the actual MD.
FCRF x CERT-In Roll Out National Cyber Crisis Management Course to Prepare India’s Digital Defenders
Fraud Tactics: Stolen Identity and Social Engineering
The cybercriminals used two mobile numbers with local Indian prefixes and a WhatsApp profile picture of the MD to create a believable facade. The use of common business communication tools like WhatsApp and the urgency of the tone played a key role in manipulating company hierarchy and fast-tracking fund approvals.
The impersonators bypassed security by exploiting trust within the organization and presenting themselves as the top executive. By carefully timing the requests and using language resembling corporate communication, they managed to avoid suspicion—at least initially.
The fraudsters’ tactics fall under the growing trend of “business executive impersonation” frauds, where criminals exploit the familiarity of internal communication platforms to manipulate lower-level staff into acting on false directives.
A formal case has been registered under multiple sections of the Bharatiya Nyaya Sanhita (BNS), including charges related to cheating, criminal impersonation, forgery, and criminal conspiracy. Section 66-D of the Information Technology Act, which deals with impersonation using communication devices, has also been invoked.
Second Attempt at RCML Averted, Raises Alarm Across Corporate Sector
Just days after the Greenko incident, a similar scam was attempted at Rainbow Children’s Medicare Limited (RCML), where cybercriminals posed as Chairman Dr. Ramesh Kancharla, attempting to engineer a fraudulent transfer of ₹20 lakh.
In this case, the fraud was thwarted in time. The CFO of RCML grew suspicious of the tone and language used in the WhatsApp messages and chose to verify directly with the chairman. Once confirmed that the request was fraudulent, the company reported the attempt to Banjara Hills police station. No financial loss occurred.
Both incidents reflect a rising threat of impersonation scams targeting high-value corporate transactions. Experts warn that with the increasing reliance on messaging platforms for business communication, organizations must implement multi-layered verification protocols and train staff to identify signs of social engineering.