The Telangana Cyber Security Bureau (TGCSB) has issued an alert regarding a rising cyber fraud trend dubbed the “Boss Scam” or CEO Impersonation Fraud. Cybercriminals are using malicious files sent via email and WhatsApp, posing as urgent regulatory or compliance-related messages to target senior executives, government officials, and business leaders. This trend has led to over 300 complaints nationwide in just under 20 days, signifying a notable surge in such incidents.
Director of TGCSB, Shikha Goel, explained that the scam involves sending emails or messages with malicious ZIP/RAR files disguised as official documents, which upon opening, install malware granting unauthorized access to the victim’s device. Subsequently, cybercriminals impersonate senior officials to issue fraudulent instructions, pressuring victims into making immediate financial transfers or sharing confidential data. Recognizable warning signs include unexpected attachments, urgent messages, requests for financial transactions, and instructions solely via email or WhatsApp.
To safeguard against such scams, Goel recommended verifying financial instructions through direct calls or official channels, avoiding suspicious attachments from unknown sources, monitoring active Web WhatsApp sessions, enabling Multi-Factor Authentication (MFA), adhering to established financial transaction procedures, and providing regular cyber awareness training to employees. In case of suspicion, individuals are advised not to respond, open attachments, verify requests independently, inform the IT/Security team promptly, retain evidence, and report incidents promptly.
