Deepfake Crypto CEO Video Impersonation Scam — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 29, 2026

Severity: HIGH | View Full Scam Details

Deepfake Crypto CEO Video Impersonation Scam in India 2026: Beware the WhatsApp KYC Phishing Threat

Scammers are using deepfake videos of crypto CEOs to trick Indian investors via WhatsApp, leading to serious financial losses.

What Is the Deepfake Crypto CEO Video Impersonation Scam?

In 2026, a troubling new cybercrime trend is hitting India’s cryptocurrency community: scammers are using deepfake technology to create convincing videos that imitate CEOs of popular crypto exchanges or well-known brand ambassadors. These fake videos are then sent via WhatsApp or Telegram, primarily targeting individuals who actively trade or invest in cryptocurrencies.

This scam specifically preys on people involved in crypto investments by exploiting their trust in recognizable figures. The fraudsters often combine psychological tactics with technology to persuade victims to share sensitive information like Aadhaar details, PAN cards, or even conduct Know Your Customer (KYC) verification steps through malicious links. According to public complaints received by various Indian cybercrime forums, such scams are increasing rapidly, posing a high risk especially to those less familiar with the digital safeguards required in crypto trading.

While no specific advisory from RBI or CERT-In mentions deepfake scams targeting cryptos yet, the I4C (Indian Cyber Crime Coordination Centre) consistently classifies such attacks under phishing and identity fraud. The Reserve Bank of India has warned investors to be extremely cautious when sharing personal data or UPI information following suspicious messages—a general principle that applies strongly here.

How This Scam Works — Step by Step

1. Initial Contact via WhatsApp or Telegram: Victims receive a message from a contact claiming to be a crypto CEO or ambassador. The message includes a video that appears very authentic, created using deepfake AI, and urges immediate action to secure investments.

2. Psychological Pressure: The video often warns of upcoming “mandatory KYC updates” or “urgent account verification” needed to avoid losing cryptocurrency holdings or access to wallets.

3. Malicious Link or QR Code: The message directs the victim to click a link or scan a QR code purportedly for completing KYC or security checks. This link leads to a fake website, imitating real crypto exchange portals.

4. Data Theft and Phishing: When the victim enters Aadhaar numbers, PAN details, or UPI IDs such as us**@bank, the scammers harvest this sensitive data for misuse, including SIM swaps that allow them to bypass two-factor authentication (2FA).

5. Unauthorized Transactions: With stolen KYC credentials and UPI access, victims can experience unauthorized fund transfers. Fraudsters frequently use UPI apps to immediately move INR amounts out of accounts before victims can react.

6. Cover-Up and Cutting Off Contact: After the fraud, scammers disable WhatsApp accounts or block victims, making recovery difficult.

Real Warning Signs to Watch For

• The video message is unsolicited, even when coming from a “known” contact.
• Urgency in message tone: rushing you to act NOW on KYC or security.
• Requests for highly sensitive details like Aadhaar and PAN via WhatsApp or unofficial links.
• Use of deepfake video that looks almost real but has slight distortions or unnatural lip movements.
• Links leading to websites with odd URLs not matching official crypto platforms.
• Offers “guaranteed” security updates or unusually good investment benefits.
• Requests to share OTPs or UPI PINs are red flags—no genuine organization asks for these over chat.

What Happens to Victims

Victims of this deepfake scam often suffer immediate financial losses through unauthorized UPI transactions draining their bank accounts. Since UPI payments are typically instant and irreversible, victims find it hard to reverse these debits, especially when fraud happens quickly after the phishing event.

Beyond financial loss, many become targets for further identity theft using their Aadhaar and PAN details, risking opening fraudulent bank accounts or loans. Emotional distress follows, with victims facing anxiety and mistrust in digital transactions. In some cases, SIM swap fraud disables access to mobile banking or security OTPs, leaving victims locked out of their accounts.

What RBI and CERT-In Say

The Reserve Bank of India has repeatedly alerted the public against phishing and fraudulent KYC data collection, emphasizing never to share sensitive information like OTPs, Aadhaar, or UPI PINs over calls or chats. RBI’s official helpline (1800-120-146) is available for reporting financial frauds.

CERT-In underscores the importance of vigilance against deepfake videos and advises users to verify messages from trusted sources before acting. The Indian Cyber Crime Coordination Centre (I4C) directs victims to report such scams at cybercrime.gov.in, where complaints can be lodged online.

For immediate assistance, victims should also call the national cybercrime helpline number 1930 for guidance on reporting and recovering from such frauds.

How to Protect Yourself

1. Never trust video messages on WhatsApp or Telegram asking for personal KYC details or urgent actions without verifying the source offline.
2. Confirm with the official crypto exchange’s website or helpline before clicking any link or scanning QR codes.
3. Avoid sharing Aadhaar, PAN, or UPI PINs via chat, no matter how convincing the sender seems.
4. Enable multi-factor authentication (MFA) on your crypto accounts and linked bank apps.
5. Regularly monitor your bank and UPI transaction alerts for unauthorized activity.
6. Use Aadhaar-based e-KYC only through official government portals, never via third-party links.
7. Install updates promptly on your phone and apps to benefit from security patches against malware that might steal data.

What to Do If You’ve Been Targeted

• Immediately contact your bank to block your UPI ID and debit cards to stop further unauthorized transactions.
• File a complaint at the nearest police cybercrime cell or online at cybercrime.gov.in.
• Call the 1930 cybercrime helpline for guidance on the next steps.
• Change all your passwords related to investments, banking, and email accounts.
• Report the fraudulent WhatsApp number and block it; inform WhatsApp using their report features.
• Consider submitting an Aadhaar lock or authentication freeze via UIDAI’s official website to prevent misuse.
• Maintain records of all communication and transactions related to the scam for police reports or insurance claims.

Frequently Asked Questions

Q: How can I tell if a crypto CEO video is a deepfake?
A: Look for subtle abnormalities in the video such as unnatural facial movements, inconsistent lighting, or mismatched voice tones. Always cross-verify with official channels instead of relying on messages forwarded through WhatsApp.

Q: Can I recover money lost in such scams via UPI?
A: UPI payments are instant and typically irreversible. However, you should immediately contact your bank and report to cybercrime authorities to explore possible recovery or freezing options, though success varies case by case.

Q: Is it safe to do KYC for crypto apps on WhatsApp links they send?
A: No. Legitimate KYC processes happen only on official websites or apps. Never submit Aadhaar, PAN, or personal documents via third-party links shared on WhatsApp or social media.

For any suspicious messages or videos about crypto investment or KYC, always verify details at BharatSecure.app and report fraud instantly by calling 1930.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.