CAs receiving Downloadable Zip Files of “Reconciliation Statement” in Whatsapp Scam, Phone Number Leak suspected [Read Order]

Members of theChartered Accountant (CA) community have recently been subject to a wave of identical scam messages on Whatsapp, with unknown numbers sending downloadable files titled “November Statement.zip” and requesting them for reviewing the Reconciliation Statement.

The senders of the messages masquerade themselves as clients or so and urge recipients to review and verify the sent material at their “earliest convenience”.

The incident came to light after CA Atul Modani posted screenshots on X (formerly Twitter), showing both a WhatsApp message containing a screenshot of the ‘reconciliation statement’ chat and an accompanying fake email alleging “digital arrest” proceedings from the Central Bureau of Investigation (CBI).

Also Read:5.28 Lakh Active Chartered Accountants in India: Is the Profession Facing Oversupply in 2025?

The email was funnily enough signed by a so-called “Mr. Shri Rajesh Kumar, Chief Executive Officer (CBI)”, warning of legal action and imprisonment if the recipient failed to respond within 24 hours.

https://x.com/atulmodani/status/2003662923449979191

Following Modani’s post, several professionals replied with similar screenshots confirming they had received the exact same message and attachment. Numerous CAs shared matching evidence, suggesting a coordinated phishing campaign with the same modus.

The messages are seemingly sent from both business and personal accounts.

Digital phishing and hacking methods are not uncommon, however recent scams point towards advising recipients to download “.apk” files or similar malware onto their phones which can then be used to execute phishing.

Because one wrong link between GSTR-1, 2B and 3B can trigger a notice. Click here

Several professionals have raised concerns that their contact information may have been leaked from professional or regulatory databases, as the scam specifically targets members of the accounting community.

One of the commenters, who is a CA himself stated that personal data of the chartered accountants had been shared by the candidates contesting for the Central Council and Regional Council Member positions, which were later shared in the open market. However,

How can you Avoid these Scammers?

Professionals are advised to exercise extreme caution when receiving any downloadable files especially .zip, .rar, or .apk attachments from unknown or unverified numbers.

Never install or open such files on your phone or computer. Always look out for red flags like poor grammar, awkward phrasing and references to non-existent officials or designations such as “CEO of CBI.”

A quick Google search of the sender’s details or quoted text can often confirm a scam instantly.

Most fraudulent messages also try to create panic or urgency, demanding immediate action or payment - a classic method used in phishing and ransomware attempts. Staying alert, verifying before clicking, and reporting suspicious messages to cyber authorities are the best safeguards against evolving threats.

Also Read:ICAI Issues Handbook on Interest, Late Fee and Penalties under GST - December 2025 Edition

The fake “CBI” message, meanwhile, is reminiscent of recent cyber extortion scams where fraudsters impersonate officials to induce panic. The CBI does not have a Chief Executive Officer, nor does it issue legal warnings through email or WhatsApp.

Digital scams are not uncommon, however when multiple members of a particular community or profession receive being targeted in the exact same manner, it reveals a widespread pattern of profession-specific cyber targeting, with fraudsters leveraging realistic financial terminology and communication templates to compromise sensitive data.

Support our journalism by subscribing to Taxscan premium. Follow us on Telegram for quick updates