Deepfake Video KYC Liveness Bypass Scam — How to Identify & Stay Safe
INDIA — By BharatSecure Threat Intelligence Team ·
Severity: CRITICAL | View Full Scam Details
🛡️ Want to check if you've received this scam?
Check This Scam on BharatSecure →Deepfake Video KYC Liveness Bypass Scam India 2026: Beware of This Growing UPI Fraud
Scammers in India are increasingly using deepfake technology to bypass video KYC checks and steal money via UPI and Aadhaar-linked accounts.
What Is the Deepfake Video KYC Liveness Bypass Scam?
The deepfake video KYC liveness bypass scam is a sophisticated cyber fraud targeting individuals in India through fake video KYC (Know Your Customer) processes. This scam exploits the increasing use of video KYC for banking and fintech services, where users verify their identity by recording a short live video. Fraudsters use AI-powered deepfake technology to impersonate victims or trick biometric liveness checks, bypassing security protocols designed to prevent identity theft.
This scam mostly targets people who are either unaware of deepfake risks or eager to open accounts quickly for loans, investments, or new UPI-linked bank accounts. Victims are often contacted through phishing emails, fraudulent job portals, or social media messages, posing as bank or fintech representatives to create trust. Cases reported to cybercrime cells across India indicate this scam is on the rise, with losses running into lakhs of rupees for individuals. While official advisories from RBI and CERT-In have yet to address deepfake specifically, they continuously warn about evolving phishing and identity fraud tactics that include video KYC misuse.
How This Scam Works — Step by Step
Initial Contact: The fraudsters reach out to potential victims via WhatsApp messages, fake job offers, or emails claiming they need to complete a quick video KYC to approve loans or open UPI-enabled accounts.
Building Trust: The caller impersonates bank or fintech staff, often using official-sounding language and sometimes fake corporate IDs or email addresses resembling real institutions.
Fake Video KYC Setup: Victims are instructed to record or participate in a "live video KYC" on a third-party platform controlled by the scammers. Some victims may be asked to send prerecorded videos, which the fraudster then digitally manipulates with deepfake AI to simulate liveness and compliance.
Bypassing Liveness Detection: Using advanced deepfake software, the scammers generate or alter live video feeds to fool biometric liveness checks that banks or fintech companies use. This allows them to create fraudulent KYC profiles linked to the victim’s personal data, such as Aadhaar numbers, PAN, or UPI IDs.
Data Theft and Account Takeover: With the completed fake video KYC, scammers open new bank accounts or link existing ones to their fraudulent profiles. They may also gain control over existing UPI IDs by requesting SIM swaps using the stolen identity or by phishing for One Time Passwords (OTPs).
Funds Drained: Once access is secured, fraudsters initiate UPI transactions, often in small instalments (to avoid detection) or large transfers, draining victims’ linked bank accounts without consent.
Real Warning Signs to Watch For
- Unexpected calls or messages asking for video KYC sessions, especially from unofficial numbers.
- Requests to upload or record videos on unfamiliar third-party platforms or apps.
- Pressure tactics to hurry the KYC process, warning that offers or loans will expire.
- Unsolicited job offers or loan approvals that require immediate video verification.
- Requests for Aadhaar, PAN, or UPI ID sharing combined with video calls.
- Notifications of SIM swaps or changes on your number without prior consent.
- Unauthorized UPI transaction alerts or messages about KYC completion you did not initiate.
What Happens to Victims
Victims may face severe financial losses as scammers can quickly empty linked bank accounts through UPI or fraudulent loan disbursements. Because the fraud uses deepfaked KYC, reversing transactions can be complicated; RBI guidelines allow reversal only if the bank proves consent was forged, which is difficult when biometric KYC appears authentic.
Emotionally, victims often experience high stress and mistrust of digital banking, impacting their willingness to use essential services. Misuse of Aadhaar and PAN in these scams can lead to identity theft affecting credit scores and future financing options. Moreover, SIM swaps facilitated by fraudsters block victims from receiving OTPs, preventing timely action to secure accounts.
What RBI and CERT-In Say
The Reserve Bank of India (RBI) has issued broad advisories warning customers against sharing personal banking information like OTPs, Aadhaar details, and UPI PINs over phone calls or WhatsApp. Although RBI’s current framework for KYC focuses on biometric and video verification, the rapid advances in AI and deepfakes have posed fresh challenges to fraud prevention.
CERT-In, India’s national cybersecurity agency, encourages users to stay vigilant about phishing attacks and report suspicious digital activities through the 1930 cybercrime helpline. Both agencies emphasize the importance of timely reporting and multi-factor authentication as frontline defence.
How to Protect Yourself
- Verify Caller Identity: Always call back official bank or fintech numbers listed on their website before engaging in video KYC or sharing sensitive info.
- Avoid Sharing Videos on Third-Party Apps: Only use trusted platforms approved by your financial institution for KYC.
- Never Share OTPs or UPI PINs: Legitimate representatives will never ask for these.
- Enable Bank Account Alerts: Immediately react to any unauthorized UPI transactions reported via SMS or app notifications.
- Register Complaints Promptly: Contact your bank and telecom provider if your SIM is swapped or compromised.
- Use Aadhaar Locking Services: Lock your Aadhaar biometrics via UIDAI website to prevent misuse.
- Educate Yourself on Deepfake Risks: Be cautious of video requests that ask for unnatural movements or repeated recordings.
What to Do If You’ve Been Targeted
If you suspect you have fallen prey to this scam, immediately:
- Contact your bank’s fraud helpline and request a freeze on UPI transactions and linked accounts.
- Report the incident to the 1930 cybercrime helpline and file a complaint at cybercrime.gov.in.
- Notify your telecom operator to block or restore your mobile number if SIM swap is suspected.
- Change all related passwords and PINs, and monitor your credit reports for identity misuse.
- If Aadhaar details were compromised, use the UIDAI portal to lock or update your biometric data.
Frequently Asked Questions
Q1: Can deepfake videos really fool bank KYC systems?
Yes, increasingly sophisticated deepfake AI can trick liveness detection systems in some video KYC setups, making it important to verify identity through multiple factors.
Q2: How can I tell if a KYC video request is genuine or a scam?
Genuine requests come through official channels and never pressure you to submit videos on suspicious apps or third-party websites. Always verify by calling your bank’s official helpline.
Q3: What should I do if unauthorized transactions happen after video KYC?
Immediately report to your bank, block your UPI ID, and lodge a complaint with cybercrime authorities. Also, monitor your bank account closely for further suspicious activity.
For more verification of suspicious messages or calls, visit BharatSecure.app or report fraud by calling the 1930 cybercrime helpline.
Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.
Related Scams in Our Database
- BlueDart/DTDC Parcel Scams (General SMS/WhatsApp Delivery Issues) — Severity: MEDIUM
- Phishing for Personal Information — Severity: MEDIUM
- Smishing (SMS Phishing) for Personal Information — Severity: MEDIUM
Verify Any Suspicious Message
Check any suspicious message, link, or call for free at bharatsecure.app.