#FactCheck - AI-Generated Video Falsely Claims Salman Khan Is Joining AIMIM
A video of Bollywood actor Salman Khan is being widely circulated on social media, in which he can allegedly be heard saying that he will soon join Asaduddin Owaisi’s party, the All India Majlis-e-Ittehadul Muslimeen (AIMIM). Along with the video, a purported image of Salman Khan with Asaduddin Owaisi is also being shared. Social media users are claiming that Salman Khan is set to join the AIMIM party.
CyberPeace research found the viral claim to be false. Our research revealed that Salman Khan has not made any such statement, and that both the viral video and the accompanying image are AI-generated.
Claim
Social media users claim that Salman Khan has announced his decision to join AIMIM.On 19 January 2026, a Facebook user shared the viral video with the caption, “What did Salman say about Owaisi?” In the video, Salman Khan can allegedly be heard saying that he is going to join Owaisi’s party. (The link to the post, its archived version, and screenshots are available.)
Fact Check:
To verify the claim, we first searched Google using relevant keywords. However, no credible or reliable media reports were found supporting the claim that Salman Khan is joining AIMIM.
In the next step of verification, we extracted key frames from the viral video and conducted a reverse image search using Google Lens. This led us to a video posted on Salman Khan’s official Instagram account on 21 April 2023. In the original video, Salman Khan is seen talking about an event scheduled to take place in Dubai. A careful review of the full video confirmed that no statement related to AIMIM or Asaduddin Owaisi is made.
Further analysis of the viral clip revealed that Salman Khan’s voice sounds unnatural and robotic. To verify this, we scanned the video using AURGIN AI, an AI-generated content detection tool. According to the tool’s analysis, the viral video was generated using artificial intelligence.
Conclusion
Salman Khan has not announced that he is joining the AIMIM party. The viral video and the image circulating on social media are AI-generated and manipulated.
Related Blogs
.webp)
In what is being stated by experts to be one of the largest data breaches of all time, approximately 16 billion passwords were exposed online last week. According to various news reports, the leak contains credentials spanning a broad array of online services, including Facebook, Instagram, Gmail, etc., creating a serious alarm across the globe. Cybersecurity specialists have noted that this leak poses immense risks of account takeovers, identity theft, and enabling phishing scams. The leaked data is being described as a “collection-of-collections,” with multiple previously breached databases compiled into one easy-to-access repository for cybercriminals.
Infostealer Malware and Why It’s a Serious Threat
This incident brought to light a type of malware that experts refer to as the Infostealer. Just as the name suggests, this is a malware program made expressly to take personal information from compromised computers and devices, including cookies, session tokens, browser data, login credentials, and more. It targets high-value credentials, as opposed to ransomware, which encrypts files for ransom, or spyware that passively watches users. Once installed, they silently gather passwords, screenshots, and other information while hiding inside unassuming software, such as a game, utility, or browser plugin. Once stolen, these credentials are then combined by hackers to create databases, which are then offered for sale on dark web forums or even made public, as was the case in this breach. This is particularly risky since, if session tokens or other browser data are also taken, these credentials can be used to get around even two-factor authentication. As a result, the leak would also enable the rise of other crimes such as phishing.
Guidelines for protection
In response to this breach, India’s Computer Emergency Response Team (CERT-IN) issued an advisory, urging all internet users to take immediate action to protect their accounts. Although this is in response to the specific data leak, these are some key measures advised to be followed to maintain a general standard of cyber hygiene at all times.
- Reset your passwords: In case of incidents such as the above, users are advised to change the passwords of their accounts immediately. More so of the ones that have been compromised and need to be prioritised, such as email, online banking, and social media etc.
- Use strong, unique passwords and password manager features: Avoid password reuse across platforms. Using a password manager on a trusted platform can aid in storing and recalling them for different accounts.
- Monitor account activity: Check activity logs, especially for signs of unrecognised login attempts or password-reset notifications.
- Enable Multi-Factor Authentication (MFA): The user is advised to enable two-step verification (via an app like Google Authenticator or a hardware key), which will add an extra security layer.
- Phishing attacks: Cybercriminals will likely attempt to use leaked credentials to impersonate legitimate companies and send phishing emails. Read carefully before clicking on any links or attachments received.
- Scan devices for malware: Run updated antivirus or anti-malware scans to catch and remove infostealers or other malicious software lurking on your device.
Why This Data Breach is a Wake-Up Call
With 16 billion credentials exposed, this breach highlights the critical need for robust personal cybersecurity hygiene. It also reveals the persistent role of infostealer malware in feeding a global cybercrime economy, one where credentials are the most valuable assets. As Infosecurity Europe and other analysts highlight, infostealers are lightweight, often distributed via phishing or malicious downloads, and are highly effective at lifting data in the background without alerting the user. Even up-to-date antivirus software can struggle to catch new variants, making proactive security practices with respect to such malware all the more essential. In a time where data is everything, access to credentials can derive power and safety, regarding it must be kept in check.
Conclusion
This breach is a reminder that cybersecurity is a shared responsibility. Even with protective systems in place with respect to the industries and official authorities, every internet user must do their part in protecting themselves through cyber hygiene practices such as resetting passwords, using multi-factor authentication, staying vigilant against phishing scams, and ensuring devices are regularly scanned for malware. While breaches like this can seem overwhelming and might create a surge of panic, practical measures go a long way in mitigating exposure. Staying informed and proactive is the best defence one can adopt in a rapidly evolving threat landscape.
References
- https://economictimes.indiatimes.com/news/international/us/16-billion-passwords-exposed-in-unprecedented-cyber-leak-of-2025-experts-raise-global-alarm/articleshow/121961165.cms?from=mdr
- https://timesofindia.indiatimes.com/technology/tech-news/16-billion-passwords-leaked-on-internet-what-you-need-to-know-to-protect-your-facebook-instagram-gmail-and-other-accounts/articleshow/121967191.cms
- https://indianexpress.com/article/technology/tech-news-technology/16-billion-passwords-leaked-online-what-we-know-10077546/
- https://indianexpress.com/article/technology/tech-news-technology/16-billion-passwords-leaked-online-what-we-know-10077546/
- https://www.hindustantimes.com/business/certin-issues-advisory-after-data-breach-of-16-billion-credentials-asks-people-to-change-passwords-101750779940872.html
- https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES02&VLCODE=CIAD-2025-0024
- https://www.infosecurityeurope.com/en-gb/blog/threat-vectors/guide-infostealer-malware.html
Introduction
The Ministry of Communications, Department of Telecommunications notified the Telecommunications (Telecom Cyber Security) Rules, 2024 on 22nd November 2024. These rules were notified to overcome the vulnerabilities that rapid technological advancements pose. The evolving nature of cyber threats has contributed to strengthening and enhancing telecom cyber security. These rules empower the central government to seek traffic data and any other data (other than the content of messages) from service providers.
Background Context
The Telecommunications Act of 2023 was passed by Parliament in December, receiving the President's assent and being published in the official Gazette on December 24, 2023. The act is divided into 11 chapters 62 sections and 3 schedules. The said act has repealed the old legislation viz. Indian Telegraph Act of 1885 and the Indian Wireless Telegraphy Act of 1933. The government has enforced the act in phases. Sections 1, 2, 10-30, 42-44, 46, 47, 50-58, 61, and 62 came into force on June 26, 2024. While, sections 6-8, 48, and 59(b) were notified to be effective from July 05, 2024.
These rules have been notified under the powers granted by Section 22(1) and Section 56(2)(v) of the Telecommunications Act, 2023.
Key Provisions of the Rules
These rules collectively aim to reinforce telecom cyber security and ensure the reliability of telecommunication networks and services. They are as follows:
The Central Government agency authorized by it may request traffic or other data from a telecommunication entity through the Central Government portal to safeguard and ensure telecom cyber security. In addition, the Central Govt. can instruct telecommunication entities to establish the necessary infrastructure and equipment for data collection, processing, and storage from designated points.
● Obligations Relating To Telecom Cybersecurity:
Telecom entities must adhere to various obligations to prevent cyber security risks. Telecommunication cyber security must not be endangered, and no one is allowed to send messages that could harm it. Misuse of telecommunication equipment such as identifiers, networks, or services is prohibited. Telecommunication entities are also required to comply with directions and standards issued by the Central Govt. and furnish detailed reports of actions taken on the government portal.
● Compulsory Measures To Be Taken By Every Telecommunication Entity:
Telecom entities must adopt and notify the Central Govt. of a telecom cyber security policy to enhance cybersecurity. They have to identify and mitigate risks of security incidents, ensure timely responses, and take appropriate measures to address such incidents and minimize their impact. Periodic telecom cyber security audits must be conducted to assess network resilience against potential threats for telecom entities. They must report security incidents promptly to the Central Govt. and establish facilities like a Security Operations Centre.
● Reporting of Security Incidents:
- Telecommunication entities must report the detection of security incidents affecting their network or services within six hours.
- 24 hours are provided for submitting detailed information about the incident, including the number of affected users, the duration, geographical scope, the impact on services, and the remedial measures implemented.
The Central Govt. may require the affected entity to provide further information, such as its cyber security policy, or conduct a security audit.
CyberPeace Policy Analysis
The notified rules reflect critical updates from their draft version, including the obligation to report incidents immediately upon awareness. This ensures greater privacy for consumers while still enabling robust cybersecurity oversight. Importantly, individuals whose telecom identifiers are suspended or disconnected due to security concerns must be given a copy of the order and a chance to appeal, ensuring procedural fairness. The notified rules have removed "traffic data" and "message content" definitions that may lead to operational ambiguities. While the rules establish a solid foundation for protecting telecom networks, they pose significant compliance challenges, particularly for smaller operators who may struggle with costs associated with audits, infrastructure, and reporting requirements.
Conclusion
The Telecom Cyber Security Rules, 2024 represent a comprehensive approach to securing India’s communication networks against cyber threats. Mandating robust cybersecurity policies, rapid incident reporting, and procedural safeguards allows the rules to balance national security with privacy and fairness. However, addressing implementation challenges through stakeholder collaboration and detailed guidelines will be key to ensuring compliance without overburdening telecom operators. With adaptive execution, these rules have the potential to enhance the resilience of India’s telecom sector and also position the country as a global leader in digital security standards.
References
● Telecommunications Act, 2023 https://acrobat.adobe.com/id/urn:aaid:sc:AP:767484b8-4d05-40b3-9c3d-30c5642c3bac
● CyberPeace First Read of the Telecommunications Act, 2023 https://www.cyberpeace.org/resources/blogs/the-government-enforces-key-sections-of-the-telecommunication-act-2023
● Telecommunications (Telecom Cyber Security) Rules, 2024
Executive Summary:
A viral social media claim suggested that India Post would discontinue all red post boxes across the country from 1 September 2025, attributing the move to the government’s Digital India initiative. However, fact-checking revealed this claim to be false. India Post’s official X (formerly Twitter) and Instagram handles clarified on 7 August 2025 that red letterboxes remain operational, calling them timeless symbols of connection and memories. No official notice or notification regarding their discontinuation exists on the Department of Posts’ website. This indicates the viral posts were misleading and aimed at creating confusion among the public.
Claim:
A claim is circulating on social media stating that India Post will discontinue all red post boxes across the country effective 1 September 2025. According to the viral posts,[archived link] the move is being linked to the government’s push towards Digital India, suggesting that traditional post boxes have lost their relevance in the digital era.
Fact Check:
After conducting a reverse image analysis, we found that the official X handle of India Post, in a post dated 7 August 2025, clarified that the viral claim was incorrect and misleading. The post was shared with the caption:
I’m still right here and always will be!"
India Post is evolving with the times, but some things will remain the same- always. We have carried love, news, and stories for generations... And guess what? Our red letterboxes are here to stay.
They are symbols of connection, memories, and moments that mattered. Then. Now. Always.
Keep sending handwritten letters- we are here for you.
This directly refutes the viral claim about the discontinuation of the red post box from 1 September 2025. A similar clarification was also posted on the official Instagram handle @indiapost_dop on the same date.
Furthermore, after thoroughly reviewing the official website of the Department of Posts, Government of India, we found absolutely no trace, notice, or even the slightest mention of any plan to discontinue the iconic red post boxes. This complete absence of official communication strongly reinforces the fact that the viral claim is nothing more than a baseless and misleading rumour.
Conclusion:
The claim about the discontinuation of red post boxes from 1 September 2025 is false and misleading. India Post has officially confirmed that the iconic red letterboxes will continue to function as before and remain an integral part of India’s postal services.
- Claim: A viral claim suggests that India Post will remove all red letter boxes across the country beginning 1 September 2025.
- Claimed On: Social Media
- Fact Check: False and Misleading
