The National Cybercrime Threat Analytics Unit of the Indian Cyber Crime Coordination Centre has issued an advisory warning that cybercriminals are increasingly using artificial intelligence to create deepfake videos and synthetic identities to target financial authentication systems. The advisory, dated 10 June 2026, says such tools may be exploited to bypass facial authentication, liveness checks, Video-KYC, account recovery systems and access controls for financial and digital services.
Fraudsters Using Video Calls and Social Engineering
According to the advisory, fraudsters may try to obtain facial recordings through deceptive video calls, fake online job interviews, social media contact, dating platforms, messaging applications, job portals or phone calls. Victims may be persuaded to perform facial movements such as looking at the screen, turning their head, blinking or speaking, while the interaction is secretly recorded.
FCRF’s Flagship Cyber Law Certification Returns With a New Four-Week Cohort
The advisory says facial data may also be collected from public platforms. Once obtained, the video can be processed through AI-based tools to generate a realistic digital replica capable of imitating facial movements, expressions, eye blinks and voice.
Deepfakes May Be Used to Bypass KYC
The advisory outlines a sequence in which synthetic media may be used to attempt security bypasses where deepfake detection is absent. Such material could be deployed against facial authentication and liveness verification systems, raising concerns for financial institutions and digital service providers.
It further warns that fraudulent KYC and digital wallet activation could follow if identity verification processes are bypassed. This may allow the creation or activation of financial accounts that could later be misused for financial fraud or other malicious activity.
Security Measures Recommended for Users and Platforms
The advisory has recommended that customer onboarding systems, including those used by fintech companies, integrate detection mechanisms for deepfakes and synthetically generated content. It also advises users to lock their biometric profile, describing it as the strongest defence against this form of remote identity theft.
Users have been asked to monitor email notifications for unauthorized login or authentication attempts and immediately report suspicious financial activity or identity theft through the national cybercrime reporting portal. The advisory also asks users to provide the fraudster’s contact number and video link where available.
The advisory further cautions that sudden loss of mobile network connectivity should be reported to the telecom provider immediately to rule out a possible fraudulent SIM swap. It clarifies that the note is meant to raise awareness about emerging AI-enabled identity fraud techniques and does not imply compromise or vulnerability of any specific organization, platform or service.
