Deepfake Multi-Participant Video Conference Scam

How Deepfake Multi-Participant Video Conference Scam Works

Overview: In the Deepfake Multi-Participant Video Conference Scam, fraudsters stage video meetings where AI-generated avatars impersonate senior company executives. These convincing deepfakes participate in calls—often organized over Zoom or MS Teams—to persuade employees to approve fraudulent wire or UPI transactions. This scam targets large Indian companies, MNCs, and financial institutions, exploiting trust in video interactions. How It Works: 1. Hackers gather video and profile data of top executives using social media, company announcements, and press coverage. 2. Attackers set up a fake video meeting, complete with deepfake avatars of multiple executives. 3. The victim, often from finance or accounts, is invited to the call, where several 'colleagues' reinforce the legitimacy of an urgent transaction. 4. Deepfake participants instruct the victim to transfer funds, leveraging urgency and confidentiality. 5. Once approved, the money is diverted to criminal accounts. India Angle: Indian metros like Delhi NCR, Bengaluru, and Hyderabad are seeing a rise in such scams. The preferred platforms are Zoom, Google Meet, and WhatsApp video, with scammers switching between English, Hindi, and local languages to target employees in large and mid-sized companies. The scam preys on strict corporate hierarchies and faith in face-to-face verification in the Indian context. Real Examples: An accounts executive at a Delhi-based IT firm is summoned to a surprise Zoom meeting with the 'CFO' and other managers. During the call, all participants echo: “This is urgent. Please process the vendor payout now—this must remain confidential.” The employee notices slight lip-sync delays but feels reassured by the apparent group consensus. Red Flags: - Out-of-the-blue video meetings with top leadership demanding money transfers - Unnatural body language, lip syncing, or delayed responses - Colleagues you rarely interact with suddenly present in a coordinated call - No prior calendar invites or agenda shared beforehand - Insistence on secrecy or bypassing standard checks Protective Measures: Always insist on independent verification before approving transactions—even during calls. Challenge suspicious video participants (ask them to perform unique hand gestures or answer unplanned questions). Follow dual-approval processes for all large payments and educate employees to recognize AI video manipulation cues. If Victimised: Quickly alert your bank to attempt a stop on the transaction. Report to cybercrime.gov.in and helpline 1930. Save screenshots and call recordings, notify IT/security teams, and communicate the incident internally to prevent repeats. Related Scams: Voice-Only CEO Impersonation Calls and Classic Business Email Compromise (BEC) with payment diversion.

How This Scam Works — Detailed Explanation

In the Deepfake Multi-Participant Video Conference Scam, fraudsters employ advanced artificial intelligence tools to create realistic avatars of high-ranking company executives. These criminals harvest video and profile data from platforms like LinkedIn or corporate websites, meticulously crafting deepfake images and voices to impersonate trusted individuals. Once they have their targets, they use applications like Zoom or Microsoft Teams to host fake video calls, which seem legitimate at first glance. This method is particularly effective within large Indian corporations, multinational companies, and even financial institutions that rely heavily on digital communications, making employees vulnerable to deception.

The specific tactics used by scammers in this scheme may include creating a sense of urgency and employing psychological manipulation. These scammers might schedule surprise video calls with claims of immediate fund transfers that require approval or confirmation. During the call, the deepfake avatars exhibit charm and confidence, skillfully persuading unsuspecting employees to comply with requests without suspicion. They may even structure the call to appear as if all participants are in consensus while diverting attention from potential red flags like video glitches or awkward lip-syncing, which should ordinarily raise alarms. The scammers rely heavily on the trust inherent in digital communication, exploiting the natural tendency for employees to follow orders from superiors under pressure.

Once victims are caught in this trap, the scam unfolds step-by-step, often culminating in significant financial losses. For example, an employee might receive a call purportedly from their company's CFO, urging them to effect an urgent UPI transaction for a vital acquisition. The convincing portrayal of this executive leads the employee to initiate a transaction, often utilizing UPI and linking it to their Aadhaar for additional quick approvals. Once the funds are transferred, they vanish into the scammers' accounts, often routed through multiple channels to obscure tracking. Victims report that the aftermath of these scams is distressing, with many companies losing crores of rupees in the process. Recent estimates reveal that over ₹100 crore was lost to similar scams targeted at Indian companies in 2023 alone.

The real-world impact of the Deepfake Multi-Participant Video Conference Scam has drawn significant concern from regulatory bodies. The Ministry of Home Affairs (MHA), Reserve Bank of India (RBI), and Computer Emergency Response Team (CERT-In) have issued advisories emphasizing vigilance against these evolving threats. They highlight that these scams could compromise not only individual companies but also the entire financial ecosystem. As these scams proliferate, the necessity for robust training and awareness at the corporate level cannot be overstated. Many companies are beginning to acknowledge the threat but struggle to develop adequate safeguards or response protocols to mitigate risks associated with deepfake technology.

To spot this scam versus legitimate communications, reliable warning signs must be understood. Surprise video calls without pre-scheduled invites or written agendas should raise suspicions. If all participants in a meeting seem to support urgent fund requests with no hesitation, this is a red flag. Participants should also be mindful of unusual technical glitches and discrepancies in voice synchronization; that might indicate a deepfake. Legitimate corporate communication typically includes a level of formality and documentation that is often absent in these scams. Employees must be encouraged to confirm requests such as fund transfers through secondary channels like official emails or phone calls to the purported sender to safeguard against these modern scams.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Deepfake Multi-Participant Video Conference Scam Target?

General public across India

Red Flags — How to Identify Deepfake Multi-Participant Video Conference Scam

• Surprise video calls about urgent fund transfers
• All participants support the request without skepticism
• Lip-sync or video glitches during the call
• No written agenda or meeting invite

What To Do If You Encounter Deepfake Multi-Participant Video Conference Scam

1. Report the scam immediately by calling the cybercrime helpline at 1930 or visiting cybercrime.gov.in.
2. Alert your company's security team to investigate the suspicious video call and corresponding transactions.
3. Contact your bank's customer care for quick measures to freeze your account, especially if you authorized any transactions (SBI: 1800-11-1109, HDFC: 1800-202-6161).
4. Change passwords for any accounts linked to the video call or recent transactions, prioritizing strong, unique passwords.
5. Educate yourself and colleagues about deepfake technology and its implications to build awareness and readiness.
6. Document every detail of the incident including dates, participants, and transaction records for reporting purposes.

How to Report Deepfake Multi-Participant Video Conference Scam in India

• Call 1930 — National Cyber Crime Helpline (24x7)
• File a complaint at cybercrime.gov.in
• Contact your bank immediately if money was lost
• Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?

Immediately contact your bank to report the incident and request a freeze on your account. Call SBI at 1800-11-1109 or HDFC at 1800-202-6161. Changing your banking passwords is also advised.

How can I identify the Deepfake Multi-Participant Video Conference Scam?

Be cautious of surprise video calls regarding urgent fund transfers, especially if there's no written agenda. Look for signs of technical glitches like lip-sync issues or unusual participant behavior.

How do I report this type of scam in India?

Report to the local police or national cybercrime helpline by calling 1930 or filing a complaint at cybercrime.gov.in. Also, inform your bank about any fraudulent transactions.

What steps should I take to recover my money after this scam?

Contact your bank immediately to request transaction reversal if made recently. Follow their instructions, and document all communications for further reporting if needed.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.