The Securities and Exchange Board of India has warned regulated entities and listed companies about an emerging cybercrime trend known as the Boss Scam, or CEO and managing director impersonation fraud, after being alerted by the Indian Cyber Crime Coordination Centre. The fraud involves impersonation of senior executives through email, WhatsApp, Microsoft Teams and other social media channels to pressure subordinates or counterparts into transferring funds to fraudsters' mule accounts. SEBI described two main attack patterns. One uses deepfakes, including voice cloning, artificial intelligence-enabled video impersonation and fake social media groups, to issue transfer instructions, sometimes coupled with directions not to disclose the transaction on the pretext that it may involve unpublished price sensitive information. The other uses a compressed ZIP archive containing malicious executable and DLL files. If opened on a Windows device, the malware can hijack active WhatsApp Web session tokens or enable broader device takeover, allowing fraudsters to contact finance staff from the compromised account or to replace contact details so their number appears under the name of the CEO or managing director. SEBI advised firms to verify requests by calling senior officials, avoid transferring funds solely on the basis of social media instructions, not install executables without verifying the sender, log out unused WhatsApp Web sessions and report incidents through the national cybercrime reporting channels.