What to do if I shared my UPI details in a suspected scam?

Immediately notify your bank’s helpline, such as SBI at 1800-11-1109 or HDFC at 1800-202-6161, and report the incident on cybercrime.gov.in.

How do I know if a video call request is a deepfake?

Look for signs like unnatural speech patterns, unusual requests outside standard protocols, and verify the caller's identity via another channel.

How can I report this type of scam in India?

You can report the scam to the cybercrime helpline at 1930 or file a complaint at cybercrime.gov.in. Make sure to inform your bank of any fraudulent transactions.

What steps can I take to recover lost money after this scam?

Report the scam to your bank immediately; they may help in freezing the transaction if reported in time. Also, file an FIR with local police and check cybercrime.gov.in for further guidance.

Fake CFO Deepfake Video Transfer Scam

Verdict: Suspicious | Risk Score: 9/10 | Severity: critical

Category: UPI, WhatsApp, Job

How Fake CFO Deepfake Video Transfer Scam Works

Overview The Fake CFO Deepfake Video Transfer Scam is an advanced form of financial fraud targeting employees responsible for handling company money, particularly those in finance, accounts, or treasury. In this scam, criminals use deepfake technology to convincingly impersonate top company executives—like the CEO or CFO—on email and video calls, pressuring employees to authorise urgent money transfers. This type of scam is especially dangerous because the use of AI-generated real-time video and audio makes imposters almost impossible to distinguish from the genuine director, increasing the risk of high-value losses. How It Works The scam follows a calculated process. First, fraudsters collect public video and audio clips of company leaders from events or online content. Next, they build deepfake models to create convincing digital copies. The scammers then send an initial urgent message (email or WhatsApp) to a targeted finance staff member, posing as the CFO. Claiming confidentiality and high urgency, they instruct staff to join a video call to discuss a secretive wire transfer, such as for a supplier payment or acquisition. On the call, the scammer—using a deepfake overlay—pressures the victim into authorising large sums, often split into multiple smaller transfers to make detection harder. The funds are routed through a maze of bank accounts, sometimes across multiple countries, and disappear rapidly. India Angle In India, scammers have adapted this trick to exploit the popularity of WhatsApp, UPI, and regional video calling platforms. Targets include employees of large corporates and fast-growing startups, especially those in tier-1 cities like Mumbai, Bengaluru, and Delhi. Many scams also mimic Indian compliance authorities (such as RBI or SEBI) to build credibility, and often refer to account verification through Aadhaar, PAN, or GST numbers. The scam has been seen in both English and regional languages, aiming to catch unwary finance professionals, vendors, and even business owners. Real Examples - An accountant at an Indian tech firm receives a WhatsApp message: "Strictly confidential—urgent supplier payment needed! Join the video call now." - A finance manager gets an email from ceo-bharatsecurre.com: "I need your help. No time to check with anyone—transfer ₹30 lakh immediately to this account." - On a Zoom call, the 'CFO' appears live, his face and voice matching perfectly, but avoids answering specific questions about the transaction's purpose. Red Flags - Messages or video calls that stress secrecy and urgency, urging immediate action - Requests received through unofficial email domains or personal apps - Video or audio that seems slightly robotic, with inconsistent lip-sync or limited movement - New payment instructions involving unknown accounts, vendors, or urgent GST/payment compliance - Attempts to avoid company protocol, such as skipping the usual dual-verification for big transfers Protective Measures - Always pause if asked to make a confidential, urgent transfer—never act on one person's instruction alone - Cross-check using previously known phone numbers or out-of-band channels (not the contact used in the suspicious message) - Confirm all new account details and payment requests with another verified senior employee - Watch for subtle changes in communication style, voice, or email address spelling - Train staff to spot deepfake signs and enforce multi-level approval for high-value payments If Victimised - Alert your company leadership and IT/security team immediately - Contact your bank to attempt reversal or freezing of the transaction - File a complaint with the nearest police and report at cybercrime.gov.in - Dial 1930 (national cyber helpline) for urgent support - Inform the Reserve Bank of India (RBI) if the scam involves banking or payment systems Related Scams - Fake Supplier Payment Scams: Criminals impersonate vendors, asking for urgent transfers - Deepfake Job Offer Scams: Pretending to be HR or leadership, scammers target job seekers for fees - Recovery Agent Impersonation Scams: Fraudsters promise money recovery for a fee using deepfake audio

How This Scam Works — Detailed Explanation

The Fake CFO Deepfake Video Transfer Scam primarily targets companies with employees in financial roles, leveraging the rise of deepfake technology. Scammers often gather information through social media platforms such as LinkedIn, or by exploiting company websites to identify employees, especially those in finance departments. They may also deploy phishing techniques to acquire critical personal data. After compiling enough information about the company's executives and workflows, scammers create a synthetic video using deepfake technology. In this video, a convincingly altered image of a key executive, frequently the CFO or CEO, urges the employee to complete urgent financial transactions — typically via UPI. Given the sophistication of the technology, these interactions can occur over email or video conferencing platforms, making them appear strikingly genuine, and disarming employees, who may not suspect foul play.

To execute this scam, fraudsters utilize psychological manipulation. They create a sense of urgency, pressuring employees by claiming time-sensitive business opportunities or unexpected financial requirements. The deepfake videos can trick employees into feeling reassured by a 'real' visual presence of their boss, lowering their guard. They may instruct employees to use new, unfamiliar UPI IDs for transferring funds, which diverts the transaction to the scammers’ accounts. Scammers frequently exploit traditional company protocols by pushing employees to bypass verification processes. This blend of emotional manipulation and technological sophistication creates a potent threat that is difficult to counteract for even seasoned professionals.

When a victim is targeted, the initial contact usually happens via an email or video call that seems convincingly authentic. The employee is then asked to authorize an urgent transfer of funds, generally instructing them not to disclose this request to others, reflecting the secrecy criminals wish to create around the scam. For example, if an employee at a mid-sized firm in India receives a directive to make an urgent UPI transfer amounting to ₹10 lakhs to an account they have never dealt with, the pressure to comply can lead to hasty decisions. These scenarios have led to significant financial losses; in recent months, business professionals across India lost nearly ₹200 crores due to scams mimicking executive communications, making a worrying trend that needs immediate attention.

The impact of the Fake CFO Deepfake Video Transfer Scam on businesses and individuals in India has been profoundly detrimental. According to reports from the Ministry of Home Affairs (MHA) and the Reserve Bank of India (RBI), these scams have resulted in a staggering amount of losses, particularly among small to medium-sized enterprises that may not have robust fraud detection measures in place. In FY2022-2023, CERT-In issued warnings relating to these types of scams, which have heightened awareness among companies, though many employees still fall victim to the tricks used by cybercriminals. The irony is that while the technology for creating these deepfakes has advanced, measures to secure against such scams are lagging, emphasizing the need for stringent verification protocols on all financial transactions.

To differentiate between legitimate communications and those associated with this scam, employees should be vigilant about the signs that accompany such fraudulent requests. Genuine communications from a CFO or any executive typically come from official company email addresses, and urgency will always be matched with verification. Victims often miss standard company checks, such as secondary approvals for funds exceeding a specific limit. Other indicators include unnatural speech patterns in video calls — a robotic tone or unnatural pauses often hint at AI-generated content. Being aware of these red flags is crucial in preventing succumbing to the persuasive but dangerous tactics employed by scammers.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Fake CFO Deepfake Video Transfer Scam Target?

General public across India

Red Flags — How to Identify Fake CFO Deepfake Video Transfer Scam

Unusual urgency and secrecy about a transaction
Request for payment via new, unknown accounts or UPI IDs
Contact via unofficial email address[ADDRESS_REDACTED]
Video or voice has robotic tone or unnatural pauses
Instructions to ignore or bypass usual company protocols

What To Do If You Encounter Fake CFO Deepfake Video Transfer Scam

Report the incident immediately by calling the cybercrime helpline at 1930.
Inform your manager or IT department about the incident without delay.
Verify any payment requests through an alternative communication channel, such as a direct call to the executive.
Monitor your bank account for unauthorized transactions and report these to your bank.
Change passwords and enable two-factor authentication on business accounts.
Educate yourself and your team on recognizing deepfake technologies and related scams.

How to Report Fake CFO Deepfake Video Transfer Scam in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my UPI details in a suspected scam?: Immediately notify your bank’s helpline, such as SBI at 1800-11-1109 or HDFC at 1800-202-6161, and report the incident on cybercrime.gov.in.
How do I know if a video call request is a deepfake?: Look for signs like unnatural speech patterns, unusual requests outside standard protocols, and verify the caller's identity via another channel.
How can I report this type of scam in India?: You can report the scam to the cybercrime helpline at 1930 or file a complaint at cybercrime.gov.in. Make sure to inform your bank of any fraudulent transactions.
What steps can I take to recover lost money after this scam?: Report the scam to your bank immediately; they may help in freezing the transaction if reported in time. Also, file an FIR with local police and check cybercrime.gov.in for further guidance.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.