Got WhatsApp message from your boss asking for money? Beware, it might be scam

HIGHLIGHTS

Scammers use a boss's hacked WhatsApp account to ask employees for urgent payments.

They take over the boss's account and send fake payment requests.

Verify requests, avoid suspicious files, and enable two-factor authentication.

Got WhatsApp message from your boss asking for money? Beware, it might be scam

Has your boss ever asked you to make an urgent payment for them, that too over WhatsApp? If NO, then it can soon become a reality. A new scam is recently on the rise where scammers impersonate your boss and send you a message to make an urgent payment. What’s more concerning is that the message comes from their real account, sounds genuine and carries the authority of senior management. Under such extreme pressure most of us won’t even think twice before making a move, but that’s where we fall into the scam. Here’s everything you need to know about the Boss scam and how you can stay safe from it.

Digit.in Survey
✅ Thank you for completing the survey!

What is Boss Scam?

India’s cybercrime agency, the Indian Cyber Crime Coordination Centre (I4C), has warned people about a new online fraud called the Boss Scam. The agency shared this warning through its official X account, CyberDost I4C.

In the Boss Scam, cybercriminals pretend to be a company’s boss or senior executive to trick employees into sending money. Unlike older scams that used fake email addresses or phone numbers, this scam can involve messages sent from the boss’s real WhatsApp account if it has been hacked.

Also read: Amazon Prime Day sale: Best deals on TVs, projectors, washing machines, refrigerators, ACs and robot vacuums

How Boss Scam works

How Boss Scam works

The attack usually starts simple as scammers pretend to be officials from the RBI and contact CEOs through email or WhatsApp. The message usually says that there is an urgent issue with their finances and they should review it as soon as possible, and with that, they also send a ZIP file containing an executable (.exe) file and a dynamic link library (.dll) file.

If your CEO opens that file on their Windows computer, then malware takes over the control of their device. Following that, the scammers steal the CEO’s WhatsApp Web session and send messages to the people from their finance staff, asking them to foot a bill or transfer money urgently. Since the messages come from the CEO’s account, employees may trust them and send the money.

Also read: Last chance to play these Xbox Game Pass games before they leave: Check the full list

How to stay safe

If you want to stay safe against such scams, then it’s pretty simple. Just follow the easy tips below:

  • Never approve urgent payments based only on a WhatsApp message or email, even if it comes from a senior executive.
  • Always confirm such requests through a phone call, video call or in-person conversation.
  • Make sure that you or your employees don’t download or run executable files received from unknown sources. 
  • You can also ask your IT team to restrict unauthorised software from running on office devices and regularly update security measures.
  • Ensure that you have dual authentication on your accounts.

Bhaskar Sharma

Bhaskar Sharma

Bhaskar is a senior copy editor at Digit India, where he simplifies complex tech topics across iOS, Android, macOS, Windows, and emerging consumer tech. His work has appeared in iGeeksBlog, GuidingTech, and other publications, and he previously served as an assistant editor at TechBloat and TechReloaded. A B.Tech graduate and full-time tech writer, he is known for clear, practical guides and explainers. View Full Profile