Hyderabad: City Police Commissioner V C Sajjanar warned companies about a surge in WhatsApp impersonation fraud targeting senior executives and finance staff in Hyderabad.
He said cybercriminals sent phishing links to official email accounts of CEOs, CFOs, and accountants. Once users clicked them, attackers installed malware and gained remote access to systems.
After gaining control, fraudsters accessed active WhatsApp Web sessions and sent messages posing as top executives. They then instructed accountants to transfer large sums on an urgent basis.
WhatsApp impersonation fraud uses malware and social engineering tactics
Further, Sajjanar said the attackers used social engineering tactics to avoid suspicion. They claimed to be in meetings and unable to take calls, thereby pushing staff to act quickly.
Since messages appeared to come from genuine accounts, employees often trusted them and processed payments. As a result, several such fraud cases surfaced within the Hyderabad Commissionerate limits.
Meanwhile, he urged companies to verify all financial requests through direct calls before making transactions. He stressed that staff should not rely solely on WhatsApp messages, even if they appeared authentic.
In addition, he advised firms to install strong firewalls and updated antivirus software on office systems. He also asked users to log out of WhatsApp Web after each session to prevent misuse.
Authorities said victims of cyber fraud should immediately call the 1930 helpline or file complaints on the national cybercrime portal.
Cybercriminals have launched a new type of WhatsApp Impersonation Fraud specifically targeting business heads, CEOs, CFOs, and accountants of large corporations. By sending malicious phishing links to official email addresses, they are infiltrating computers with malware to gain… https://t.co/3i8NwxALPY
— V.C. Sajjanar, IPS (@SajjanarVC_IPS) April 4, 2026