Dual-Channel Deepfake Payment Fraud
Verdict: Suspicious | Risk Score: 8/10 | Severity: high
Category: WhatsApp, Phishing
How Dual-Channel Deepfake Payment Fraud Works
Overview: This advanced scam manipulates victims through multiple communication channels, starting with email or Teams and then moving to WhatsApp or Telegram, to build urgency and authenticity. Deepfake audio or video calls may be deployed if the first channel fails to convince. The complexity confuses approval processes and increases the likelihood of successful fraud.
How It Works: Fraudsters begin by sending an official-looking email from a spoofed executive account, requesting an urgent payment. If the employee hesitates, the scammer promptly follows up via WhatsApp or Telegram using a voice-cloned call. This staged approach mimics genuine escalation, compelling staff to prioritize the request, especially under pressure.
India Angle: Indian businesses routinely shift between official (email/Teams) and personal (WhatsApp/Telegram) platforms for internal communication. Indian scammers exploit this hybrid approach, especially in sectors with informal or evolving protocols, such as tech startups or family businesses.
Real Examples: 'Hi, please check your WhatsApp after this email and action ASAP. Confidential payment needed.' The employee then gets a follow-up WhatsApp call delivering instructions in the executive's cloned voice.
Red Flags:
1. Payment requests span email and WhatsApp/Telegram simultaneously.
2. High pressure to act across channels.
3. Inconsistent names, spellings, or contact numbers.
4. Poor grammar or slight accents in messages.
Protective Measures: Train staff to always verify through a separate official channel and never respond to requests from unlisted personal numbers. Require written approvals for fund transfers, enforced by duplicate checks. Limit approval authority to pre-registered devices and office locations only.
If Victimised: Stop interactions on all channels. Report incidents to management, IT, and cybercrime.gov.in, or call 1930. Request your bank to freeze or reverse any transaction. Collect all messages and call records across all channels.
Related Scams: Cross-channel invoice scam, phishing email + WhatsApp hybrid attacks, multi-step authority fraud.
How This Scam Works — Detailed Explanation
In the world of scams, dual-channel deepfake payment fraud is a sophisticated tactic that combines technology with psychological manipulation. Scammers start by targeting businesses through official-looking emails that appear to come from high-ranking executives. They might spoof the email address of a trusted authority within the organization to make the message look credible. For instance, a phishing email mimicking a CEO’s address might arrive, requesting an urgent payment for a vendor service. This initial contact is often made via platforms like email or Microsoft Teams, which gives it an air of legitimacy.
Once the scammer has the victim’s attention, they leverage multiple communication channels to create urgency and an impression of authority. After sending the email, they quickly follow up via WhatsApp or Telegram, sometimes even using deepfake technology to create a convincing video or audio call. This deepfake technology can replicate the voice or appearance of senior executives, making it exceedingly difficult for the victim to discern the scam. The psychological tactics employed here include urgency and fear of repercussions for failing to comply, leading the victim to act without verification. This two-pronged approach exploits not just technological vulnerabilities but also human psychology.
As the victim navigates this complex situation, they are likely to receive simultaneous payment requests over both email and WhatsApp or Telegram, often accompanied by phone calls from unfamiliar personal numbers claiming to be top executives. These calls typically escalate if any doubts about the payment are raised, further pressuring the victim. For instance, an employee at a major Indian firm may receive a WhatsApp message from an unrecognized number claiming to be the CFO. The instructions could even vary slightly from the email, something like “please pay ₹50,000 now, and refer to invoice #1234”, which would typically match prior communications but carry different sender names or email addresses.
Victims of this scam suffer substantial financial losses, with reports indicating that up to ₹100 crore may have been lost in India to similar scams over the past year. The Ministry of Home Affairs and CERT-In have both issued advisories highlighting these kinds of scams as dangerous due to their rapidly evolving nature. The Reserve Bank of India (RBI) has noted that such scams often target businesses by exploiting popular payment methods like UPI. Affected victims frequently experience not just immediate financial stress but also long-lasting impacts on their professional reputation and mental well-being as they grapple with the aftermath.
To distinguish between legitimate and fraudulent communications, it's crucial to be vigilant. Always verify unfamiliar payment requests independently against known contacts. If a colleague receives an urgent request via WhatsApp that follows an official email but raises suspicion, reach out through official channels, possibly using landline numbers or verified mobile contacts. Noting differences in sender names, noting the urgency suggested in the tone, and requesting confirmation through a secondary channel can help identify discrepancies before any payment is made. Overall, being alert and adopting a skeptical mindset towards unsolicited requests can provide a good first line of defense against such scams.
Who Does Dual-Channel Deepfake Payment Fraud Target?
General public across India
Red Flags — How to Identify Dual-Channel Deepfake Payment Fraud
- Simultaneous payment requests over email and WhatsApp
- Calls from top executives on unfamiliar personal numbers
- Payment instructions with inconsistent sender names or emails
- Escalation to calls if initial written request is questioned
What To Do If You Encounter Dual-Channel Deepfake Payment Fraud
- Report suspicious communications immediately to the cybercrime helpline at 1930.
- Verify any payment requests with the person directly through a separate communication channel.
- Do not comply with urgent payment requests without confirmation.
- Document all communications related to the transaction to assist law enforcement if needed.
- Notify your bank’s customer service—contact SBI at 1800-11-1109 or HDFC at 1800-202-6161.
- Access cybercrime.gov.in to file a formal complaint.
How to Report Dual-Channel Deepfake Payment Fraud in India
- Call 1930 — National Cyber Crime Helpline (24x7)
- File a complaint at cybercrime.gov.in
- Contact your bank immediately if money was lost
- Call RBI helpline: 14440 for banking fraud
Frequently Asked Questions
- What to do if I shared my OTP in a WhatsApp scam?
  Immediately contact your bank’s helpline to inform them of the situation. For SBI, call 1800-11-1109; for HDFC, dial 1800-202-6161. Change your password for security.
- How can I identify this specific scam?
  Be aware of simultaneous requests for funds via email and WhatsApp. Look out for payment instructions that have differing sender names or suspicious urgency.
- What is the process for reporting this type of scam in India?
  You can report it to the cybercrime helpline at 1930, or visit cybercrime.gov.in for detailed reporting options.
- How can I recover money or protect my accounts after this scam?
  Directly report the fraud to your bank and the police. Document all details of the incident and report to 1930 to aid recovery efforts.