A single word spoken casually, almost reflexively is emerging as a new vulnerability in India’s fast-digitising financial system. Cybercrime investigators and security experts warn that “Yes Scams,” a form of voice-based fraud, are exploiting everyday phone conversations to bypass safeguards, often without victims realising anything has gone wrong until it is too late.
A Fraud That Begins With an Ordinary Call
The calls are deliberately unremarkable. An unfamiliar number flashes on the screen. The voice on the other end asks something routine: Can you hear me? Is this a good time to talk? Are you Mr. X? For most people, responding “yes” is instinctive. For cybercriminals, it can be the opening they need.
In what has come to be known as the “Yes Scam” or voice-recording fraud, scammers record a victim’s affirmative response and later reuse it to impersonate consent or identity. Unlike traditional phishing, which often relies on suspicious links or requests for passwords and one-time passwords (OTPs), this scam exploits the growing reliance on voice authentication in banking, telecom, and digital services. Cybersecurity professionals say the simplicity of the method is precisely what makes it effective and difficult to detect.
When Voice Becomes a Credential
Voice-based verification has expanded rapidly alongside digital banking and remote customer service. In some systems, spoken confirmation is enough to authorise requests, initiate transactions, or validate account access.
According to cyber experts, scammers capitalise on this shift by harvesting short voice clips especially affirmative words like “yes” and replaying or digitally manipulating them to simulate legitimate user approval. In advanced cases, the recordings can be layered with other stolen data to open fraudulent accounts, extract money, or even secure loans in a victim’s name.
The danger, specialists warn, is that no OTP, suspicious link, or explicit disclosure of personal details is required.
“Your voice alone can become the instrument of fraud,” one expert noted.
Why Victims Often Don’t Know They’ve Been Targeted
Unlike instant debit alerts or failed login notifications, the effects of a Yes Scam can surface slowly. Transactions may be processed later, accounts may be opened silently, or liabilities may appear without any obvious trigger.
This delay is one reason the scam is considered particularly dangerous for ordinary users. Many victims do not connect a brief, harmless-seeming phone call with financial harm discovered days or weeks later.
Cybercrime helplines report that complaints often begin with confusion rather than certainty a sense that something is wrong, without clarity about how it started.
Caution, Reporting, and the Limits of Awareness
Security advisories increasingly urge people to avoid saying “yes,” “ji,” or similar affirmations during unsolicited calls. Instead, experts recommend responding with neutral questions,” Who is calling? What do you want?” or disconnecting immediately if the call feels suspicious.
Authorities also stress the importance of early reporting. Victims who suspect voice-based fraud are advised to notify their bank at once and lodge a complaint with cybercrime helplines. Timely information, officials say, can sometimes prevent larger losses and help investigators trace patterns across cases.
