
4 min readMumbaiJul 17, 2026 07:18 PM IST
Highlighting the growing sophistication of cyber-enabled financial crimes, SEBI said that companies should not rely solely on digital communications when authorising financial transactions. (File Photo)
The Securities and Exchange Board of India (SEBI) has cautioned regulated entities and listed companies against a rapidly emerging cyber fraud known as the ‘Boss Scam’, in which fraudsters impersonate CEO or managing director to carry out the crime.
Acting on inputs from the Indian Cyber Crime Coordination Centre (I4C), the market regulator has urged organisations to strengthen internal verification procedures as fraudsters increasingly exploit artificial intelligence, deepfake technology and malicious software to deceive finance officials into transferring funds.
In a press statement issued on Friday, SEBI said cybercriminals are targeting chief executive officers, managing directors and other senior officials by impersonating them through email, WhatsApp, Microsoft Teams and other social media platforms.
The fraudsters send convincing messages or place fake calls to employees, particularly those handling financial transactions, instructing them to make urgent payments to bank accounts controlled by criminals.
According to SEBI, the scam typically follows two distinct methods. In the first, fraudsters use advanced deepfake technology, including AI-generated voice cloning and manipulated video calls, to convincingly imitate senior executives.
They may also create fake social media groups or messaging accounts that appear to belong to company leadership. Employees receiving such communications are often pressured into executing immediate fund transfers, with instructions sometimes accompanied by warnings not to disclose the transaction because it allegedly involves unpublished price-sensitive information, it said.
The second method involves the distribution of malicious compressed (.zip) files containing executable (.exe) and Dynamic Link Library (.dll) files. These files, once downloaded and opened on Windows computers, install malware capable of compromising the victim’s device. The malware functions as a Trojan dropper, enabling attackers to hijack active WhatsApp Web session tokens and gain unauthorised access to the finance officer’s messaging account, SEBI said.
Story continues below this ad
Once access is obtained, fraudsters use the compromised account to contact other finance or accounts personnel, directing them to transfer money to designated mule bank accounts.
In more sophisticated attacks, cybercriminals who gain complete control of a device reportedly alter the victim’s contact list by saving the fraudster’s number under the name of the company’s CEO or Managing Director.
This makes fraudulent payment instructions appear to originate from a trusted senior executive, increasing the likelihood of successful deception.
Don’t rely solely on digital communication
Highlighting the growing sophistication of cyber-enabled financial crimes, SEBI said that companies should not rely solely on digital communications when authorising financial transactions. Instead, all requests received through WhatsApp, email or other social media platforms should be independently verified by directly calling the concerned senior official before any action is taken.
Story continues below this ad
The regulator also advised organisations not to install executable files without first confirming the sender’s identity, even if the message appears to originate from a known contact.
Employees have been urged to log out of unused WhatsApp Web sessions to reduce the risk of account hijacking and unauthorised access.
In the event of any suspected cyber fraud or attempted scam, SEBI advised companies and individuals to immediately report the incident by dialling the national cybercrime helpline, 1930, or by lodging a complaint through the government’s cybercrime reporting portal.
The advisory reflects growing concern among authorities over the increasing use of artificial intelligence and sophisticated malware in financial frauds.
Story continues below this ad
With listed companies and regulated entities handling large volumes of financial transactions, SEBI emphasised that stronger cyber awareness, strict verification protocols and prompt reporting of suspicious activities remain essential to protecting organisations from evolving cyber threats.
© The Indian Express Pvt Ltd
George Mathew is an Associate Editor with The Indian Express, based in Mumbai. A veteran of financial journalism with nearly three decades of experience, he is one of the country’s most authoritative voices on banking, regulation, and the corporate sector.
Expertise & Focus Areas Mathew’s reporting covers the nerve center of India’s economy. His specialized beats include:
The Reserve Bank of India (RBI): He has tracked the central bank's policy evolution through the tenures of multiple Governors, offering deep insights into monetary policy, repo rates, and banking regulation.
Banking & Insurance: Extensive coverage of public and private sector banks, non-performing assets (NPAs), and key legislative reforms like the Insurance Amendment Bills.
Corporate Affairs: Mathew frequently breaks major stories related to India's largest conglomerates, with a specific focus on the Tata Group, documenting boardroom shifts and strategic decisions.
Financial Markets: Reporting on the complexities of Foreign Portfolio Investors (FPIs), IPOs, and currency fluctuations.
Authoritativeness & Insight With a career dating back to the late 1990s, Mathew possesses a rare institutional memory of India’s financial liberalization and market crises. His work is not limited to daily news; he frequently contributes to the "Explained" section, where he decodes complex financial legislations and market trends for a broader audience. His rigorous reporting has also been featured in scholarly platforms like the Economic and Political Weekly (EPW).
Find all stories by George Mathew here ... Read More
View original source — Indian Express ↗
