A Kolkata-based retail company has allegedly lost ₹1.5 crore in a CEO impersonation cyber fraud after an employee received an urgent WhatsApp payment instruction from someone posing as the company’s Managing Director.
According to police, the sender used the actual Managing Director’s profile photograph on an unknown WhatsApp number to make the communication appear genuine.
Fake MD Identity Used on WhatsApp
An employee working in the company’s accounts department allegedly received a WhatsApp message from an unfamiliar mobile number.
The account displayed:
- The Managing Director’s profile photograph
- A name resembling the senior executive’s identity
- An urgent business payment instruction
Police allege that the fraudster posed as the company’s MD and asked the employee to immediately transfer funds to a specified bank account.
₹1.5 Crore Transferred Through RTGS
Believing the instruction to be authentic, the employee transferred ₹1.5 crore through RTGS.
The money was reportedly sent to an account maintained with ICICI Bank.
Preliminary investigation indicates that the beneficiary account is linked to a private digital solutions company.
Investigators are examining:
- Account-opening documents
- Beneficial ownership
- Directors of the beneficiary company
- Subsequent fund transfers
- Cash withdrawals
- Links with other suspicious accounts
Fraud Detected the Following Day
The alleged fraud came to light the next day when the company’s actual Managing Director confirmed that no payment instruction had been issued.
Following this internal verification, the company approached Girish Park Police Station and lodged a complaint.
The matter is now being investigated by the Kolkata Police Cyber Cell.
Organised Cybercrime Network Suspected
Police are examining whether the incident was carried out by an organised cybercrime syndicate specialising in executive impersonation and corporate payment fraud.
Such groups commonly:
- Copy executive names and profile photos
- Use lookalike or unfamiliar mobile numbers
- Create artificial urgency
- Target accounts or finance employees
- Route money through business or mule accounts
- Rapidly layer the funds through additional accounts
The beneficiary company and its banking activity are expected to be central to the investigation.
Case Registered Under BNS and IT Act
Police said a case has been registered under relevant provisions of:
- Bharatiya Nyaya Sanhita, 2023
- Information Technology Act, 2000
Investigators are analysing:
- WhatsApp communication records
- Bank transactions
- Mobile numbers
- IP addresses
- Digital devices
- Beneficiary account activity
- Communication between suspected participants
Further legal action will depend on the evidence collected.
Why CEO Impersonation Scams Work
CEO impersonation frauds exploit workplace hierarchy and urgency.
Employees may act quickly because the message appears to come from a senior executive and may include claims such as:
- The payment is confidential.
- The transaction is urgent.
- The executive is unavailable for a call.
- A new vendor must be paid immediately.
- Delay could affect an important business deal.
Fraudsters deliberately use these pressures to bypass normal financial controls.
Profile Photos Do Not Prove Identity
A WhatsApp name or profile photo can be copied easily and does not verify who controls the account.
Employees should treat every payment request from a new or unverified number as suspicious, even when:
- The display name is correct
- The profile photograph matches
- The message uses familiar business language
- The sender claims urgency
- The beneficiary appears to be a company
Verification should always take place through an independently stored official number.
High-Value Transactions Need Multiple Approvals
Companies should require the following for high-value payments:
- Maker-checker authorisation
- Direct call-back to the executive
- Approval through official enterprise systems
- Independent beneficiary verification
- Dual banking authorisation
- Written supporting documents
- Defined transaction limits
No substantial payment should be made solely on the basis of WhatsApp, SMS or email instructions.
Immediate Steps After Discovering Fraud
Where a fraudulent transfer is identified, the company should immediately:
- Inform the remitting bank
- Request recall and beneficiary-account freezing
- Report the fraud through the 1930 cybercrime helpline
- Preserve chats, screenshots and call records
- Secure corporate email and messaging accounts
- Inform internal audit and legal teams
- Review whether company information was leaked
Rapid reporting can improve the possibility of freezing funds before they are transferred further.
Conclusion
The Kolkata case highlights the growing use of executive impersonation to manipulate finance employees into processing high-value transfers.
Police are continuing to trace the beneficiary account, ultimate recipients and any organised network behind the alleged ₹1.5 crore fraud.
The allegations remain subject to investigation and judicial proceedings.
Shunyatax Global Insight
Shunyatax Global says that CEO impersonation fraud is preventable when companies separate communication from authorisation.
Every organisation should adopt a written policy stating that WhatsApp and email cannot independently approve high-value payments. Any instruction involving a new beneficiary, unusual amount or urgent transfer should require direct call-back verification, dual approval and independent confirmation through official banking and accounting systems.