The first week of April 2026 saw a surge in sophisticated cybercrimes globally. This report compiles the latest breaches, frauds, and alerts across different regions.
Corporate and WhatsApp Impersonation Frauds
WhatsApp impersonation fraud, a sophisticated scam, targets corporate executives. The fraud begins with phishing emails that carry malware. This malware grants attackers remote access to devices. Exploiting active WhatsApp Web sessions, attackers impersonate senior executives like CEOs or CFOs. They then instruct accountants to transfer funds urgently. Hyderabad reports multiple incidents, prompting police to advise verification of financial instructions through phone calls. Logging out of WhatsApp Web after use is also recommended. Victims are urged to report incidents to the national cybercrime helpline (1930).
Corporate and WhatsApp Impersonation Frauds
Corporate and WhatsApp impersonation frauds have emerged as significant threats. In Hyderabad, Police Commissioner VC Sajjanar warned of a new tactic: ‘WhatsApp impersonation fraud.’ This scam begins with phishing emails sent to corporate executives, which install malware granting remote access to the victim’s device. Attackers then exploit active WhatsApp Web sessions to impersonate senior executives, such as CEOs or CFOs, and instruct accountants to transfer funds urgently. Multiple incidents have been reported in Hyderabad, prompting police to advise organizations to verify financial instructions via phone calls and log out of WhatsApp Web after use. Victims are urged to report incidents to the national cybercrime helpline (1930).
In another WhatsApp scam, a 24-year-old Mulund resident, Parth Pawar, lost Rs 2,99,500 after being duped by fraudsters posing as sales representatives of ‘Elite Best Company Group.’ The scammers demanded multiple payments under various pretexts (e.g., shipping charges, customs duty) over four months, ultimately disappearing without delivering the phone. The case highlights the trend of ‘layered payment scams,’ where victims are coerced into incremental payments. Police have registered a case under the IT Act and Bharatiya Nyaya Sanhita.
Cyber Threats Targeting Vulnerable Groups
The Indian diaspora in the US has faced a sharp increase in cyber threats, with complaints rising from 8 in 2024 to 613 in 2025, according to the Ministry of External Affairs. Scammers impersonate US immigration officials (e.g., USCIS, ICE) or law firms, exploiting fears around visa status, SEVIS terminations, and deportation threats. Victims report receiving aggressive calls demanding immediate payments to avoid legal action. Immigration attorney Ana Gabriela Urizar advises verifying such claims through official channels, as scammers use real immigration terminology and spoofed numbers to appear credible.
This surge in cyber threats against Indians in the US is attributed to recent policy changes and increased scrutiny. Scammers capitalize on the fear and uncertainty surrounding visa and immigration issues, making their threats more convincing. Many victims are students or recent immigrants, who are particularly vulnerable due to their lack of familiarity with the US legal system and immigration procedures. The scammers often demand payments through gift cards, cryptocurrency, or wire transfers, making the transactions difficult to trace and recover.
To combat these threats, several measures are being implemented. The Indian embassy and consulates in the US are conducting awareness campaigns, urging the community to be cautious of unsolicited calls and emails. They advise verifying any immigration-related communication directly with USCIS or the relevant authorities. Additionally, the Indian government is collaborating with US law enforcement agencies to track and prosecute these scammers. Community organizations are also playing a role by providing support and resources to affected individuals.
In one notable case, a student received a call claiming to be from USCIS, stating that there were discrepancies in his visa application. The caller threatened deportation unless a payment of $5,000 was made immediately. The student, panicked, followed the instructions and transferred the money. It was only later, after contacting the actual USCIS, that he realized he had been scammed. Such incidents highlight the need for vigilance and the importance of verifying any requests for payment or personal information.
The cyber threats targeting the Indian diaspora in the US underscore a broader issue of scammers preying on vulnerable groups. Similar tactics are used against other immigrant communities, as well as elderly individuals and students. The common thread in these scams is the exploitation of fear and urgency to coerce victims into making hasty decisions. Education and awareness remain the best defenses against these evolving threats.
Job Scams and Phishing Campaigns
Phishing campaigns impersonating Coca-Cola and Ferrari have surged amid rising unemployment, with scammers using fake job offers to steal credentials. The Coca-Cola scam lures victims with a Calendly scheduling page, then redirects them to a fake Google login (designed to bypass MFA) to harvest corporate Workspace accounts. The Ferrari scam uses a fake career portal to steal Facebook credentials via OAuth phishing. Both campaigns exploit the desperation of job seekers, with the FTC reporting losses from job scams rising from $90M in 2020 to $501M in 2024. Experts advise verifying job offers directly with companies and inspecting URLs for authenticity.
Final words
The incidents reported in early April 2026 underscore the diverse and evolving nature of cyber threats. Key takeaways for individuals and organizations include:
- Verify unsolicited offers through official channels.
- Secure authentication methods and monitor financial activity.
- Educate vulnerable groups and report cybercrimes promptly.
As cybercriminals refine their tactics, collaboration between law enforcement, financial institutions, and the public remains critical to combating these threats. Stay informed, stay vigilant.