Pune Faces Wave of Whale Phishing Scams: Cyber Criminals Targeting Top Executives


In a concerning trend, cybercriminals have been employing sophisticated tactics to defraud several Pune-based companies by impersonating their Chief Executive Officers (CEOs). These scams, known as ‘spear phishing’ or ‘whale phishing’ attacks, often referred to as ‘CEO scams,’ have resulted in substantial financial losses. Here, we detail the modus operandi of these cyber crooks and their impact on the region.

Exploiting Trust and Urgency

The cybercriminals behind these scams have adopted a cunning approach to deceive senior officials within these Pune-based organizations. They use phone numbers and email addresses that mimic those of the company’s CEO, making it challenging for victims to recognize the fraudulent nature of these communications.

The cyber attackers employ various tactics, including messages such as, “THIS IS my very personal number. Do not share with anyone,” and “Immediately make these transfers and do not disturb me at all. I am in an important meeting.” These messages play on the anxiety and sense of obedience often associated with responding promptly to the CEO’s instructions.

Rising Incidents and Warning to Private Companies

The region has witnessed a surge in these CEO scams, with several cases reported since July of the previous year. Local law enforcement, including Pune and Pimpri Chinchwad police, have been actively investigating these incidents. Notably, one of these scams targeted the Serum Institute of India (SII), a global leader in Covid-19 vaccine supply and the world’s largest vaccine manufacturer.

In this case, a director at SII received a WhatsApp message purportedly from the CEO, instructing the transfer of funds to multiple bank accounts. Believing the message to be authentic, the director initiated online transfers totalling Rs 1,01,01,554 to specified accounts across various locations in India. However, it later emerged that the CEO had not issued such instructions, nor was the message sent from his mobile number. The company reported the incident to Pune police.

Subsequently, in late November 2022, seven individuals, including two engineers, a science graduate, and a bank employee, were arrested in connection with these scams. However, the masterminds behind these operations continue to elude law enforcement, and there are indications of potential links to foreign operatives.

Varied Targets, Similar Methods

These CEO scams are not limited to specific industries or sectors. In July of the previous year, a software solutions company in Pune fell victim to a similar modus operandi, resulting in a loss of Rs 4.7 lakh. Likewise, a prominent real estate firm in Pune suffered a loss of Rs 66 lakh when the Vice President (Accounts) received fraudulent messages requesting fund transfers. Notably, the messages displayed the CEO’s name and photo and were accompanied by requests not to disturb or call due to “important meetings.”

The latest incident involved an architecture firm that lost Rs nine lakh earlier this month, with an employee even depositing cheques into fraudulent accounts after receiving instructions from the fraudulent number. Additionally, Pimpri Chinchwad police are currently investigating two more cases in which an automobile company and a manufacturing firm have been duped in a similar manner over the past two months.

Protecting Against CEO Scams

To safeguard against these scams, companies are advised to adopt stringent cybersecurity measures, including:

Basic Cybersecurity Awareness: Promote cybersecurity awareness within the organization, encouraging employees not to trust unidentified communications.

Verification of Requests: Always verify fund transfer requests, especially those purportedly coming from top executives like CEOs.

Immediate Reporting: If any suspicious activity, particularly fund transfers, occurs, report it to law enforcement promptly to freeze fraudulent accounts and mitigate losses.

Employee Training: Ensure that staff is well-trained in cybersecurity best practices, emphasizing the risks associated with CEO scams.

Need expert guidance? Contact Logix for localized, skilfully crafted simulated phishing campaigns that test your employee’s preparedness against real-life phishing.

In conclusion, the rising wave of CEO scams in Pune underscores the critical importance of cybersecurity vigilance at all levels of an organization. By staying informed and implementing robust security measures, companies can better protect themselves from falling victim to these sophisticated cyberattacks. Stay vigilant and prioritize cybersecurity in today’s digital landscape.

Continue to chat
Hello 👋
Let us know how we can help you!