Clustered Deepfake KYC for Mass Account Creation — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 28, 2026

Severity: HIGH | View Full Scam Details

Clustered Deepfake KYC Scam: A Growing Threat in India’s Digital Loan App Space in 2026

A new high-risk cybercrime called Clustered Deepfake KYC is exploiting India’s digital loan ecosystem by creating mass fraudulent accounts using fake identities.

What Is the Clustered Deepfake KYC for Mass Account Creation?

Clustered Deepfake KYC is a sophisticated scam involving fake identity verification that uses deepfake technology to fool the Know Your Customer (KYC) process on digital loan apps and financial platforms. Fraudsters create fake video and biometric data that closely mimics real customers’ appearances and voices, allowing them to pass KYC checks without using genuine personal information. This enables the creation of a large number of fraudulent accounts to access loans, credit, or banking services.

This scam mainly targets loan app providers and fintech platforms offering quick digital loans, often popular in tier 2 and tier 3 cities. As millions of Indians rely on app-based loans anchored by Aadhaar e-KYC and video KYC, fraudsters exploit the system by submitting clusters of synthetic identities to manipulate credit and loan disbursal processes.

According to reports made to cybercrime units and advisories by CERT-In and the Indian Cyber Crime Coordination Centre (I4C), Clustered Deepfake KYC fraud has been rising sharply since late 2025. RBI and CERT-In have warned financial institutions to enhance biometric and behavior analytics to detect deepfake videos in KYC verification.

How This Scam Works — Step by Step

1. Scammer Setup: Fraudsters generate several deepfake videos simulating different victims’ faces and voices using AI algorithms. They combine these with forged Aadhaar details or stolen PII from data leaks.

2. Mass KYC Submission: Using these deepfake videos, the fraudsters submit hundreds of KYC applications to loan apps, often using mobile SIMs swapped or obtained through identity theft.

3. Account Creation Approval: The loan apps’ automated KYC validation systems, relying on video matching and Aadhaar fingerprint or face matching, approve these accounts because the deepfakes bypass typical detection.

4. Loan Application and Disbursal: Loan requests are pushed from these fake accounts. The disbursed loans, credited in INR to bank accounts linked via UPI or virtual payment addresses (VPAs), are quickly transferred out to mule accounts or converted to non-traceable payments.

5. Victim Impact: Actual Aadhaar holders whose data is spoofed may later face unexpected loan defaults or credit issues, though in many cases, data used is entirely synthetic with no real victim identity stolen.

6. Fraud Discovery: Victims or financial institutions detect fraud only after payment defaults or suspicious transaction reports for UPI IDs like us**@bank. Police investigations reveal clusters of accounts sharing behavioral patterns indicating deepfake-created identities.

Real Warning Signs to Watch For

• Unexpected loan account creation alerts or SMS about credit approvals you never applied for
• OTP requests or verification messages from loan apps on your phone without your action
• Calls or messages urging you to share Aadhaar or biometric data “for quick loan approval”
• Loan approval or credit disbursal messages referencing apps or schemes you don’t know
• Receiving loan or credit-related SMS for accounts linked to your Aadhaar or mobile without your consent
• SMS about SIM swap attempts or verification with no recent request from you
• Bank SMS alerts about transactions from unfamiliar UPI IDs or unknown linked wallets

What Happens to Victims

Victims of Clustered Deepfake KYC scams can face significant financial risk. If their Aadhaar details or mobile number are linked to these fake loan accounts, they might unknowingly become liable for loan repayment defaults or inflated credit reports. This harms their credit rating with credit bureaus, making future loans more difficult or expensive.

In many cases, victims discover the fraud only when they try to access legitimate loans or observe deductions from their UPI-linked bank accounts. SIM swap incidents make the matter worse, allowing fraudsters to intercept OTPs or banking alerts. Emotional distress and loss of trust in digital financial services often follow.

Additionally, bogus loan applications masquerading as real users can also strain microfinance platforms and disrupt RBI-regulated credit ecosystems, increasing overall systemic risk.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) has issued advisory circulars urging digital lenders to adopt multi-layer biometric authentication, robust AI detection mechanisms for deepfakes, and enhanced transaction monitoring. RBI highlights the importance of continuous KYC re-validation, especially with video KYC.

CERT-In has alerted the public and financial service providers to emerging scams involving synthetic identities and AI-generated deepfake videos, emphasizing the risk of identity theft and data misuse. They recommend combined use of device fingerprinting, behavioral biometrics, and anomaly detection.

Victims and worried users can call the national cybercrime helpline at 1930 for assistance. RBI’s customer grievance portal and complaints redressal mechanism also support those impacted by digital loan frauds.

How to Protect Yourself

1. Never share Aadhaar or biometric details unless certain about the app’s authenticity and RBI approval.
2. Activate two-factor authentication (2FA) with your bank and loan apps, preferably using physical hardware tokens or authenticator apps instead of just OTP.
3. Regularly check your credit report via RBI-authorized credit bureaus for unfamiliar loan accounts.
4. Monitor SMS and WhatsApp messages for unusual loan approvals or transaction alerts linked to your number or Aadhaar.
5. Avoid clicking on unsolicited links or downloading unknown loan or financial apps promoted via WhatsApp or SMS.
6. Inform your bank immediately if you receive SIM swap-related SMS or suspect misuse of your mobile number.
7. Use apps from verified sources only and update your Aadhaar-linked mobile number strictly through secure official portals.

What to Do If You’ve Been Targeted

• Contact your bank immediately to freeze or block compromised accounts or UPI virtual addresses.
• Report the scam to the national cybercrime helpline by calling 1930 or visiting cybercrime.gov.in.
• File a police complaint mentioning the suspected deepfake and fraudulent loan activity.
• Raise a grievance with the loan app’s customer support and RBI’s banking ombudsman if the institution is regulated.
• Change passwords and enable stronger authentication measures on your digital and banking profiles.
• Keep a close watch on your credit reports and bank statements for recurring suspicious activity.
• Inform Aadhaar authorities if your biometric data is suspected to have been misused.

Frequently Asked Questions

What exactly is a deepfake in the context of KYC verification?
Deepfakes here refer to AI-generated fake videos or biometric data that imitate a person’s face and voice to fool identity verification systems used by loan apps during KYC checks.

Can these scams happen without any Aadhaar data theft?
Yes. While some scams misuse leaked Aadhaar details, others rely on fully synthetic identities created using AI, combining fake videos with forged documents to bypass KYC.

How soon will I know if fraudulent loans have been taken in my name?
Often victims become aware only after credit reports show defaults or loan apps send messages about repayments. Regular monitoring of credit reports helps early detection.

If you receive any suspicious messages or calls related to loans or KYC, always verify first at BharatSecure.app and report fraud at the 1930 cybercrime helpline.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.