What to do if I shared my OTP in a UPI scam?

Immediately contact your bank's helpline, such as SBI at 1800-11-1109 or HDFC at 1800-202-6161. Report the incident to 1930 for extra security.

How can I identify the Virtual Camera Liveness Bypass scam?

Be wary if the KYC video appears staged, if you see familiar faces in different sessions, or if you're asked for webcam permissions unexpectedly.

How do I report this type of scam in India?

Report it to the cybercrime helpline at 1930, visit cybercrime.gov.in, and also inform your bank of the fraudulent activity.

How can I recover money or protect my accounts after falling victim to this scam?

Immediately freeze your bank accounts and change all related passwords. File a complaint at your nearest police station and provide all details requested for investigation.

Virtual Camera Liveness Bypass Scam

INDIA — By BharatSecure Threat Intelligence Team · Updated May 28, 2026

Verdict: Suspicious | Risk Score: 8/10 | Severity: high

Category: UPI, KYC, Loan App

How Virtual Camera Liveness Bypass Scam Works

Overview: The Virtual Camera Liveness Bypass scam allows attackers to trick KYC systems by streaming pre-recorded or AI-generated video instead of using a real-time webcam. This lets fraudsters sidestep facial recognition or liveness verification needed by Indian banks and NBFCs for digital onboarding and loan processing. Such scams threaten financial inclusion, as bogus accounts can be created for money laundering or instant credit fraud, often leaving the real identity victims unaware. How It Works: 1. The scammer installs a ‘virtual camera’ software on their system, which can play a video file as if it’s a real webcam feed. 2. Using either their own face or a deepfake animation based on forged ID documents, they record a video mimicking the steps required by the KYC process (like turning the face, blinking, or speaking pre-set phrases). 3. This fake video is then streamed into the KYC app via the virtual camera, passing all simple checks that only confirm motion, not true presence. 4. The attacker completes digital account opening or gets approval for online financial services, bypassing in-person verification entirely. India Angle: In India, this tactic is used against digital-first financial institutions and fintech payment products that have fully remote onboarding. UPI apps, digital wallets, and instant-loan services are heavily targeted. The scam flourishes in metros and Tier II cities where people are eager for quick digital access and often trust automated KYC. Many young adults and semi-urban entrepreneurs seeking fast accounts fall prey. Real Examples: - A Gujarat-based lending firm receives several account openings within minutes, all with similar device IDs – later traced to pre-recorded deepfake webcam streams. - “For KYC, please grant camera permissions. Your camera will turn on automatically after clicking Start.” (But the system is secretly accepting virtual camera feeds.) Red Flags: - KYC process never prompts for manual face movements (turning head, smiling, speaking specific lines). - Webcam permissions requested, but the video feeds look consistently staged across different sessions. - You notice multiple consent requests from unknown banking apps or device activity logs referencing "/virtualcam" drivers. Protective Measures: - Do not trust financial apps that lack robust, interactive liveness checks like random prompts or questions. - Check your device’s camera permissions regularly for unknown or suspicious apps. - If prompted for digital KYC, see if the company offers in-person or branch-based alternatives. - Review your bank account registration regularly for suspicious activity. If Victimised: - Block unknown apps and report suspicious activity to your service provider. - File a cybercrime report via 1930 and cybercrime.gov.in. - Alert your lender or bank’s KYC/anti-fraud team. Related Scams: - Deepfake KYC selfie fraud - Document-only KYC bypass - Aadhaar-based mobile change scam

How This Scam Works — Detailed Explanation

In the modern digital landscape, scammers are increasingly using sophisticated techniques to exploit vulnerabilities in identity verification systems. The Virtual Camera Liveness Bypass scam operates primarily through popular platforms like WhatsApp, where attackers establish communication with potential victims under the guise of financial institutions or tech support. They often approach unsuspecting individuals by promoting lucrative offers, such as quick loans or high-yield investments, luring them into a seemingly legitimate process that involves KYC (Know Your Customer) compliance. This communication frequently begins with an invitation to download a specific app that claims to assist with digital onboarding.

Once a victim has downloaded the app, the scammers employ psychological tricks to manipulate them into compliance. For instance, they may create a false sense of urgency by claiming that failure to complete KYC promptly will lead to account suspension or loss of a loan offer. The app often requests access to the device’s camera, promising a seamless video verification process. Victims are typically unaware that they are being guided through a controlled environment where they will record a pre-recorded video or even a generated AI video. The attackers use social engineering tactics that trigger anxiety and a fear of missing out, making individuals more likely to disregard any red flags.

As the scam unfolds, victims are led through a series of steps designed to bypass the liveness checks that banks and non-banking financial companies (NBFCs) employ. For example, a user might receive a message claiming that their profile must be verified through a live video call. However, unbeknownst to them, what they are actually doing is streaming a pre-recorded presentation that the attackers will use to create a fraudulent identity. This scam can easily become a nightmare; countless people have unwittingly provided personal information, including their Aadhaar number and UPI details, believing they are completing a legitimate onboarding process. In many reported cases, once the bogus accounts are established, fraudsters begin initiating unauthorized transactions that result in significant financial losses for the victims.

The repercussions of the Virtual Camera Liveness Bypass scam are severe and illustrate the scale of fraud taking hold in India. Reports show that in the last year alone, cybercrimes have cost Indians over ₹50,000 crores, with KYC scams being a significant portion of this loss. The Ministry of Home Affairs (MHA), the Reserve Bank of India (RBI), and the Indian Computer Emergency Response Team (CERT-In) have all issued advisories urging individuals to remain vigilant against such scams. Vulnerable populations, who may lack digital literacy, are particularly at risk, often resulting in ruined financial stability and damage to their credit ratings, as well as mistrust in digital banking systems.

To remain cautious and protect oneself from falling victim to scams like this, understanding the legitimate processes used by financial institutions is crucial. Recognizing red flags can be life-changing; for instance, if an app does not perform random liveness challenges during the KYC process or lists unknown virtual camera drivers, these should trigger alarms. By being aware of these crucial indicators, users can significantly minimize their risk of being scammed.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Virtual Camera Liveness Bypass Scam Target?

General public across India

Red Flags — How to Identify Virtual Camera Liveness Bypass Scam

KYC video looks staged or identical in multiple sessions
Unexpected app requests for webcam permissions
Device lists unknown 'virtual camera' drivers
Digital onboarding has no random liveness challenge

What To Do If You Encounter Virtual Camera Liveness Bypass Scam

Report immediately to the cybercrime helpline by dialing 1930 or visiting cybercrime.gov.in.
Contact your bank's customer service to freeze your accounts if you suspect fraud.
Change your UPI and bank account passwords without delay.
Inform your contacts on WhatsApp and other platforms about the potential scam.
Monitor your bank statements closely for unauthorized transactions.
Utilize the National Payments Corporation of India's (NPCI) fraud reporting mechanism.

How to Report Virtual Camera Liveness Bypass Scam in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?: Immediately contact your bank's helpline, such as SBI at 1800-11-1109 or HDFC at 1800-202-6161. Report the incident to 1930 for extra security.
How can I identify the Virtual Camera Liveness Bypass scam?: Be wary if the KYC video appears staged, if you see familiar faces in different sessions, or if you're asked for webcam permissions unexpectedly.
How do I report this type of scam in India?: Report it to the cybercrime helpline at 1930, visit cybercrime.gov.in, and also inform your bank of the fraudulent activity.
How can I recover money or protect my accounts after falling victim to this scam?: Immediately freeze your bank accounts and change all related passwords. File a complaint at your nearest police station and provide all details requested for investigation.

Related Scams in India

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.