New Delhi: The Ministry of Home Affairs has issued a fresh advisory warning about the increasing misuse of Artificial Intelligence (AI) by cybercriminals to create highly convincing deepfake videos and synthetic identities aimed at compromising financial and digital ecosystems.
According to the advisory issued by the National Cybercrime Threat Analytics Unit (NCTAU) under the Indian Cyber Crime Coordination Centre (I4C) of the Home Ministry, fraudsters are increasingly using advanced AI tools to create realistic digital impersonations capable of deceiving authentication systems.
“These technologies may be exploited to bypass facial authentication, liveness verification, Video-KYC, account recovery and unauthorised access to financial and digital services. Fraudsters may attempt to gain unauthorised access to accounts by using facial recordings obtained through deceptive video calls, fake online job interviews or social engineering tactics,” the advisory stated.
Explaining the emerging pattern of such cybercrimes, the NCTAU said fraudsters are following a multi-stage process to carry out identity-based attacks.
The process often begins with an initial approach through social media platforms, messaging applications, job portals, dating applications or direct phone calls. After establishing communication, attackers attempt to collect facial data of victims.
The advisory noted that facial information may already be available through publicly accessible online content. In several cases, victims are manipulated into performing specific facial actions such as looking into a camera, turning their heads, blinking repeatedly or speaking during video interactions.
The collected recordings are then processed using AI-powered deepfake technology. Using these tools, cybercriminals can create highly realistic digital replicas that imitate a person’s facial expressions, eye movements, gestures and even voice.
The advisory warned that if systems do not have effective deepfake detection mechanisms, these fake identities could be used to bypass facial authentication and liveness verification checks.
Authorities further cautioned that AI-generated content could also be misused to carry out fraudulent Know Your Customer (KYC) verification. By defeating identity verification safeguards used by financial institutions, criminals may be able to create, activate or operate bank accounts and other financial services for illegal activities.
To address these evolving threats, the NCTAU has recommended several security measures for institutions and individuals. It advised customer onboarding systems, including those operated by fintech companies, to adopt strong mechanisms capable of identifying deepfakes and other forms of artificially generated content.
“Locking your biometric profile is the strongest defence against this type of remote identity theft,” the advisory said.
Individuals have also been advised to closely monitor email alerts and notifications for suspicious login attempts or unusual authentication activity that could indicate misuse of their identity.
The advisory stressed that any suspected financial fraud or identity theft should be reported immediately. Citizens have been encouraged to document incidents through the National Cyber Crime Reporting Portal and provide relevant details, including the fraudster’s contact information and any video links associated with the scam.
The NCTAU also warned users to stay alert to sudden disruptions in mobile network services, stating that such incidents could be a possible sign of fraudulent SIM swap attacks.
Issuing a broader warning, the advisory clarified that it was released to create awareness about emerging AI-enabled identity fraud techniques. It added that references to authentication systems and identity verification processes were based on observed threat trends and “do not imply vulnerabilities or compromise of any specific organisation, platform or service.”
With IANS inputs