MHA warns of rising AI-driven deepfake frauds targeting financial, digital systems

MHA warns of rising AI-driven deepfake frauds targeting financial, digital systems

MHA warns of rising AI-driven deepfake frauds targeting financial, digital systems

The Ministry of Home Affairs has warned that cybercriminals are increasingly using AI-generated deepfakes and synthetic identities to bypass authentication systems, conduct financial fraud and steal identities. Citizens and institutions have been urged to strengthen safeguards and remain vigilant against emerging cyber threats

New Delhi: The Ministry of Home Affairs has issued a fresh advisory warning about the growing misuse of Artificial Intelligence (AI) by cybercriminals to create highly convincing deepfake videos and synthetic identities aimed at compromising financial and digital ecosystems.

According to the advisory issued by the National Cybercrime Threat Analytics Unit (NCTAU) under the Indian Cyber Crime Coordination Centre (I4C) of the Home Ministry, cyber fraudsters are increasingly leveraging advanced AI tools to generate realistic digital impersonations capable of deceiving authentication systems.

“These technologies may be exploited to bypass facial authentication, liveness verification, Video-KYC, account recovery, and unauthorised access to financial and digital services. Fraudsters may attempt to gain unauthorised access to accounts by using facial recordings obtained through deceptive video calls, fake online job interviews or social engineering tactics,” the advisory read.

Elaborating on the pattern observed in such cybercrimes, the NCTAU outlined a multi-stage modus operandi employed by fraudsters. The process often begins with an initial approach through social media networks, messaging platforms, job portals, dating applications, or direct phone calls.

Once communication is established, attackers move to the next phase by gathering facial data. The advisory noted that facial information may already be available through publicly accessible online content. In many cases, however, victims are persuaded to perform specific facial actions such as looking directly at a screen, turning their heads, blinking repeatedly, or speaking on camera.

The collected recordings are then processed using AI-powered deepfake technologies. Through these tools, cybercriminals can create highly realistic digital replicas that mimic a person’s facial expressions, eye movements, gestures, and even their voice.

The advisory warned that if systems lack adequate deepfake detection capabilities, these fabricated identities may be used to bypass facial authentication and liveness verification checks.

Authorities further cautioned that the misuse of such AI-generated content could facilitate fraudulent Know Your Customer (KYC) verification processes. By successfully defeating identity verification safeguards adopted by financial institutions, fraudsters may be able to create, activate or operate financial accounts for illegal purposes.

To counter these evolving threats, the NCTAU has recommended several security measures for institutions as well as individuals. The advisory stated that customer onboarding systems, including those operated by fintech firms, should incorporate robust mechanisms capable of detecting deepfakes and other forms of synthetically generated content.

“Locking your biometric profile is the strongest defence against this type of remote identity theft,” the advisory stated.

In addition, individuals have been advised to closely monitor email notifications and alerts for any unauthorised login attempts or suspicious authentication activities that may indicate an attempt to misuse their identity.

The advisory emphasised that any signs of financial fraud or identity theft should be reported immediately. Citizens have been encouraged to document incidents through the National Cyber Crime Reporting Portal and provide relevant information, including the fraudster’s contact details and any video links involved in the scam.

The NCTAU also warned users to remain vigilant about sudden disruptions in mobile network services, noting that such incidents could indicate a fraudulent SIM swap attack.

Issuing a broader caution, the advisory clarified that it has been released to raise awareness about emerging AI-enabled identity fraud techniques. It added that references to identity verification systems and authentication processes are based on observed threat trends and “do not imply vulnerabilities or compromise of any specific organisation, platform, or service.”