₹10.40 Crore ‘Boss Scam’ Exposed: Fraudsters Impersonate Senior Executive

The420.in Staff
4 Min Read

Mumbai: A major cyber fraud investigation has exposed a new corporate cybercrime model known as the “Boss Scam”, in which fraudsters allegedly impersonated a senior company executive on WhatsApp and tricked a deputy general manager into transferring ₹10.40 crore through 63 separate bank transactions over 13 days. Mumbai Police have arrested six accused so far, while efforts are underway to identify the masterminds and other members of the organised network.

According to investigators, the victim received a WhatsApp message from an unfamiliar number on June 3. The sender claimed to be the company’s senior executive and said it was his personal phone number. Because the WhatsApp profile displayed the executive’s name and photograph, the victim believed the account was genuine. The impersonator also claimed to be in continuous meetings and instructed the victim not to call for verification.

Over the following days, the fraudster instructed the finance executive to transfer company funds to multiple bank accounts. Believing the instructions were authentic, the victim carried out 63 transactions between June 3 and June 15, transferring a total of ₹10,40,71,924. The fraud came to light only after the victim requested supporting invoices, and the real executive denied issuing any such payment instructions.

India’s Largest Cybercrime Conference Nears: FutureCrime Summit 2026 Set for 6–7 August at Bharat Mandapam

During the investigation, Delhi Police detained two young men attempting to withdraw large amounts of cash from their bank accounts. They allegedly admitted to renting out their accounts to the cybercrime syndicate in exchange for commissions. Their disclosures led investigators to another handler, and the case was subsequently transferred to Mumbai Police, resulting in the arrest of six accused.

Investigators said the syndicate adopted an advanced money-laundering strategy instead of relying solely on mule bank accounts. The stolen funds were first routed through mule accounts and then used to purchase gold jewellery from reputed jewellery stores across multiple states. The gold was subsequently pledged with local lenders to obtain gold loans, and the cash generated from those loans was transferred through fresh bank accounts. Police believe this method significantly disrupted the digital money trail, making it far more difficult to trace the ultimate destination of the stolen funds.

Police further revealed that the gang systematically targeted large corporate organisations. The accused allegedly collected photographs and details of senior executives from company websites before obtaining contact numbers of finance personnel through deceptive phone calls. In several cases, employees were sent .zip files via email or WhatsApp containing malware capable of compromising the victim’s device. Once installed, the malware enabled attackers to manipulate WhatsApp Web sessions and contact lists, allowing them to impersonate senior executives and issue fraudulent payment instructions.

According to renowned cybercrime expert and former IPS officer Prof. Triveni Singh, “The Boss Scam is one of the most sophisticated forms of social engineering, exploiting human trust more than technical vulnerabilities. Cybercriminals create a false sense of urgency by impersonating senior executives and pressuring employees to make immediate financial transfers. Every high-value payment request must be independently verified through official communication channels, such as a direct phone call, video confirmation or established corporate approval procedures. Relying solely on a WhatsApp message, display picture or saved contact name can result in losses worth crores of rupees.”

Investigators have managed to freeze nearly 50% of the defrauded amount, while efforts continue to trace the remaining funds and identify the syndicate’s masterminds. Police believe the operation was carried out by a well-organised interstate cybercrime network that specifically targets weaknesses in corporate financial approval processes.

Stay Connected