Deepfake Executive Bank Transfer Fraud — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 29, 2026

Severity: HIGH | View Full Scam Details

Deepfake Executive Bank Transfer Fraud in India 2026: A New Threat to UPI and WhatsApp Users

Deepfake Executive Bank Transfer Fraud is an alarming cybercrime targeting Indian businesses using UPI and WhatsApp, costing millions and eroding trust in digital payments.

What Is the Deepfake Executive Bank Transfer Fraud?

Deepfake Executive Bank Transfer Fraud is a sophisticated scam where fraudsters impersonate senior company executives using AI-generated fake voice messages or calls. These deepfake voices instruct employees, especially those in finance or accounts, to transfer large sums of money to accounts controlled by scammers. This impersonation exploits the trust employees have in their bosses and the increasing use of digital payment methods like UPI in India.

The scam mainly targets businesses of all sizes, with a growing number of cases reported across metro cities such as Delhi, Mumbai, and Bengaluru, as well as Tier 2 cities. The reliance on WhatsApp for internal team communication and authorized transactions via UPI makes Indian companies vulnerable, especially when there is inadequate multi-factor verification.

India’s cybersecurity agencies including CERT-In and the Indian Cyber Crime Coordination Centre (I4C) have flagged this scam as a high-severity risk, urging businesses to bolster verification protocols. While RBI has not issued a direct advisory on deepfake fraud, its warnings on UPI transaction safety indirectly cover such risks, emphasizing user vigilance and secure authentication.

How This Scam Works — Step by Step

1. Reconnaissance Phase: Fraudsters meticulously gather data on a company’s executives by scanning social media platforms like LinkedIn, Facebook, and WhatsApp groups. They analyze voice clips and public speeches to train AI models for voice cloning.

2. Initiation of Contact: Using WhatsApp or phone calls, the scammer contacts an employee in the finance or accounts department, impersonating the CEO or CFO with an eerily similar voice.

3. Urgent Transfer Request: The deepfake caller urgently requests a large UPI transfer, often citing a confidential reason such as a critical vendor payment, merger deal, or emergency business expense. The urgency reduces the employee’s chance to verify.

4. Verification and Manipulation: The scammer may instruct the employee to skip usual approval workflows or use personal UPI IDs/accounts, increasing chances of success.

5. Execution: The victim proceeds with the fund transfer via UPI or bank apps, believing they are obeying a genuine executive order.

6. Cover-Up: Scammers often demand secrecy, warning employees not to disclose the transaction to others to avoid raising alarms.

7. Money Laundering: Once the money lands in the fraudster’s accounts, it quickly gets laundered through multiple UPI IDs and withdrawal methods, making tracing difficult.

Real Warning Signs to Watch For

• Sudden urgent requests for large UPI payments outside normal processes.
• Calls or messages from unknown numbers claiming to be executives.
• Voice on call sounds slightly off or distorted despite being familiar.
• Explicit instructions to bypass multi-level approval policies.
• Requests to keep the transaction secret or avoid confirmation from other team members.
• Transfer requests sent only via WhatsApp and not followed up on official email channels.
• Pressuring employees to complete payments quickly without proper documentation.

What Happens to Victims

Victims of deepfake executive fraud face severe financial and emotional consequences. Besides the direct monetary losses running into lakhs or crores of rupees, companies often encounter prolonged operational disruption as funds become unrecoverable. Unlike standard UPI transactions which allow reversals under limited circumstances, transfers made under fraudulent executive instructions are hard to reverse without early detection.

Emotionally, employees targeted may feel deep guilt, worry about job security, and stress over trust issues within the workplace. This scam also poses risks of personal data misuse. In some reported cases, SIM swap fraud has been used to gain access to personal Aadhaar-linked mobile numbers, facilitating seamless deepfake calls and WhatsApp account hijacking.

What RBI and CERT-In Say

RBI, through its framework on digital payments, continuously advises users and businesses to enable multi-factor authentication on UPI transactions and remain cautious of unsolicited payment requests, especially over WhatsApp or phone calls. Though there is no exclusive RBI advisory on deepfake fraud, the central bank’s 2023 guidelines stress that any payment based on voice instructions without verification is risky.

CERT-In and the I4C have issued alerts on AI-based voice impersonation scams, recommending enterprises implement voice biometrics with multi-party validation and train employees to confirm high-value transfers through multiple channels.

For reporting, users can call the Centralised Public Grievance Redress and Monitoring System (CPGRAMS) and the 1930 cybercrime helpline, supported by CERT-In and I4C for prompt assistance.

How to Protect Yourself

1. Implement Multi-Level Verification: Never process high-value UPI transfers based solely on a voice or WhatsApp message. Always confirm transfer requests via official emails or in-person approval.

2. Use Multi-Factor Authentication (MFA): Ensure UPI apps and business accounts have enhanced security with two-factor authentication.

3. Train Employees: Conduct regular awareness sessions for accounts and finance teams on spotting deepfake and social engineering attempts.

4. Limit Information Exposure: Restrict sharing of executive voice clips publicly and control access to sensitive communication channels like WhatsApp groups.

5. Verify Transaction Requests: If a request seems urgent but unusual, directly call the executive on a known number before initiating payments.

6. Monitor UPI Transactions: Regularly review and flag any unknown or suspicious UPI payments with your bank immediately.

7. Use Whitelisting Tools: Businesses can configure transaction whitelists in UPI, allowing payments only to verified beneficiary accounts.

What to Do If You've Been Targeted

• Immediately contact your bank’s fraud helpdesk to block or freeze transactions and accounts used in the scam.
• Report the incident on the national cybercrime portal at cybercrime.gov.in with all relevant evidence such as call recordings, WhatsApp chat histories, and transaction details.
• Call the cybercrime helpline 1930 to get guided support for lodging complaints and mitigation.
• Inform your company’s IT and compliance teams to initiate internal investigations.
• File a FIR with your local police cybercrime cell and provide them with collected evidence.
• Change all affected passwords, UPI PINs, and secure your WhatsApp and mobile SIM accounts.

Frequently Asked Questions

Q: How can I tell if a call from an executive is a deepfake?
A: Deepfake calls often pressure you for urgent action, avoid answering detailed questions, or have slight voice distortions. Always verify by calling known numbers or through official channels before proceeding.

Q: Can UPI transactions be reversed if done via deepfake scams?
A: Reversals in UPI are generally limited and depend on prompt action. If reported early, banks may help to freeze or recover funds, but it’s not guaranteed. Prevention is critical.

Q: Is WhatsApp a safe platform for business payment approvals?
A: WhatsApp is widely used but not designed for secure financial approvals. Sensitive transfers must use multi-channel authorization to prevent fraud.

For any suspicious messages or money transfer requests, verify authenticity first at BharatSecure.app and report potential fraud at the 1930 cybercrime helpline.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.