Impersonation via Deepfake Video for Fund Release

How Impersonation via Deepfake Video for Fund Release Works

Overview: An advanced twist on impersonation scams, this pattern uses AI-generated deepfake videos to mimic supplier executives or company owners. Scammers convince finance teams to release significant funds, believing they're interacting with real decision-makers. Especially harmful to businesses exposed to remote work or virtual meetings. How It Works: Fraudsters harvest video and audio samples from online meetings or social media. Using deepfake technology, they create short personalized videos of the CEO or supplier boss, requesting urgent payment or approval. The finance or procurement officer, fooled by the apparent authenticity, processes large transfers quickly, trusting the visual evidence. India Angle: With the rise of remote work tools and increasing use of video conferencing (Zoom, Google Meet) among Indian firms, this scam is especially relevant for urban businesses in IT hubs like Bengaluru, Hyderabad, and Gurugram. Victims often include young professionals used to quick virtual approvals. Real Examples: - An accounts team at a Bengaluru startup received a video message via WhatsApp from someone who appeared to be their vendor's director, urgently requesting payment to a new bank account for 'logistics issues.' Red Flags: - Out-of-character requests for urgent fund release through video messages - Video messages that can't be verified by calling the executive's known number - Slight oddities in facial expressions or voice - Suggestions to keep the transaction confidential Protective Measures: - Treat all video payment requests with suspicion; verify by phone or face-to-face - Educate all staff about deepfake technology and risks - Restrict large payment approvals to trusted and verified channels - Always confirm unfamiliar payment details through previously verified contacts If Victimised: - Notify your bank and attempt to halt payment - Report deepfake incidents to India's cyber police via cybercrime.gov.in and 1930 - Secure and review all communication devices for additional compromise Related Scams: - Voice call spoofing for fund transfer - Email-based invoice redirection - Deepfake social media impersonation attacks

How This Scam Works — Detailed Explanation

Scammers initiate impersonation via deepfake video by meticulously gathering information about their targets, typically using platforms like WhatsApp and LinkedIn. They scour online meetings, public-facing social media accounts, and corporate websites to collect video and audio samples of company executives or key decision-makers. The anonymity of these platforms allows for easy gathering of personal data, sometimes without raising immediate suspicion. By creating a false identity, these criminals approach finance teams under the guise of authority, crafting a realistic yet fraudulent persona.

Once they have acquired sufficient data, the scammers employ sophisticated deepfake technology to create videos that convincingly portray the company executives. This deepfake video often includes personalized messages meant to evoke trust and authority. They might send urgent requests for fund releases while mimicking the executive's tone, speaking style, and common phrases. The psychological trickery involved aims to pressure targets into acting quickly by using intimidation and urgency—often claiming there are critical deadlines or confidential matters involved. These tactics exploit the vulnerability of teams working remotely, where face-to-face verification isn't practical.

Victims typically experience distinct, calculated steps in their deception. For instance, a finance manager might receive a WhatsApp video message urging them to release funds for a vital supplier payment. The message could appear genuine, complete with company branding and familiar language. The unsuspecting manager, believing they are communicating with a well-known executive, processes the payment via UPI or direct bank transfer to fraudulent accounts. Notably, in a case earlier this year in India, a small tech startup lost ₹2 crore in a deepfake scam, illustrating the real financial impact of this sophisticated fraud.

The repercussions of such scams are severe in India. According to reports compiled by the Ministry of Home Affairs (MHA) and the Reserve Bank of India (RBI), impersonation scams have led to nearly ₹1,000 crore in losses to businesses over the past year. Moreover, CERT-In has issued advisories highlighting the growing prevalence of advanced scams, including deepfake technology. The ease with which these videos can be generated poses profound risks for organizations that rely heavily on remote interactions. Companies could face legal ramifications, reputational damage, and tumultuous financial loss that may rewrite their future.

To differentiate this scam from legitimate communications, look for tell-tale signs: inspect the video closely for oddities that might reveal it's a deepfake, such as unnatural movements or discrepancies in audio. Be wary of requests from known executives to handle funds with an unusual sense of urgency. Also, remember that real executives will not shy away from discussing transactions openly or will not ask for confidentiality when it comes to financial actions. Always verify via an alternative communication method, like a phone call, the legitimacy of these requests before proceeding with any financial transaction.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Impersonation via Deepfake Video for Fund Release Target?

General public across India

Red Flags — How to Identify Impersonation via Deepfake Video for Fund Release

• Video payment requests from known executives or suppliers
• Unusual urgency or changed communication style
• Visible oddities in video or voice
• Push to keep the transaction confidential

What To Do If You Encounter Impersonation via Deepfake Video for Fund Release

1. Report suspicious deepfake communications to the cybercrime helpline at 1930 or through cybercrime.gov.in.
2. Call your bank's customer service to put a hold on any recent transactions if you suspect fraud.
3. Verify any fund requests by contacting the executive through a different communication platform.
4. Educate your finance team about the risks of deepfake technology and the signs of impersonation scams.
5. Regularly update your company's cybersecurity measures as per the latest guidelines provided by CERT-In.
6. Document all communications with suspected deepfake impersonators to assist in investigations.

How to Report Impersonation via Deepfake Video for Fund Release in India

• Call 1930 — National Cyber Crime Helpline (24x7)
• File a complaint at cybercrime.gov.in
• Contact your bank immediately if money was lost
• Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my UPI details after receiving a deepfake video request?

Immediately contact your bank's helpline—like SBI at 1800-11-1109 or HDFC at 1800-202-6161—to block your UPI account and investigate potential fraud.

How can I identify a deepfake video impersonation scam?

Look for inconsistencies in lip movements, unnatural eye movements, or sudden changes in the usual communication style of the supposed sender.

What are the steps to report a deepfake impersonation scam in India?

You can report it to the cybercrime helpline at 1930 or file a complaint via cybercrime.gov.in. Your bank should also be notified immediately for potential fraud.

How can I recover money lost through a deepfake scam?

Contact your bank as soon as possible, provide them documentation of the transaction, and file a complaint with the local police and cybercrime unit for further assistance.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.