#FactCheck- AI-Generated Image Falsely Shows SRH Team Seeking Blessings

Introduction

‍

On June 11, 2026, the Ministry of Home Affairs (MHA) India released one of the most critical Indian government advisories concerning cybersecurity by the Indian Cyber Crime Coordination Centre (I4C) under the National Cybercrime Threat Analytics Unit (NCTAU) concerning the immediate and escalating threat posed by the weaponization of generative artificial intelligence to forge synthetic biometric identities capable of bypassing the existing facial verification mechanisms in India. This advisory is arguably one of the most explicit Indian government recognitions of the deep-seated threats associated with AI-generated deepfakes in the country’s digital financial infrastructure. As many Indian financial service providers embrace facial recognition and biometric verification systems for customer onboarding and authentications, the myth that biometric traits are in themselves secure is slowly unraveling.

The advisory states that cybercriminals are deploying sophisticated AI tools to forge such credible digital simulacrums that exhibit such a precise similarity of facial expressions, eye movements, eye blinks, head movements, and voice patterns that they are virtually indistinguishable from the originals for identity verification mechanisms. Such a confluence of easy AI technology, mass onboarding of digital identities, and underdeveloped infrastructure to detect these synthetics requires urgent regulatory, institutional, and technological intervention.

‍

The I4C Advisory: Core Findings and Threat Architecture

‍

In its advisory, NCTAU describes a complex, multi-step attack chain used by scammers to capture biometric information and perpetrate fraud using everyday social interactions. The attackers typically use social media accounts, chat messengers, online job applications, dating applications, or direct phone calls to reach their targets. These interactions are presented as innocuous, such as for video calls, job interviews, identity checks, or just normal conversation with the intention of recording facial and vocal data.

During these interactions, victims may be asked to perform gestures commonly seen in legitimate video calls, such as look directly at the camera, blink, turn their head, or say specific phrases. However, the perpetrators record this video feed without the victim's knowledge and then use deep learning generative AI technologies to process it. Through methods such as Generative Adversarial Networks (GANs) and diffusion models, the scammers create photorealistic synthetic duplicates of the target, capable of mirroring all physical and vocal attributes, such as facial expressions, blinking patterns, head movements, and even voice tones.

The advisory explicitly states that these synthetic identities can be used for a variety of fraudulent activities, such as spoofing face authentication systems, circumventing liveness detection checks, successfully completing video KYC, enabling fraudulent account recovery processes, and illegally accessing bank and financial services. NCTAU also cautions that these voice deepfakes may be paired with facial deepfakes in an attempt to undermine multi-modal authentication methods, and the occurrence of related SIM-swap attacks can eliminate the last layer of security in OTP verification and facilitate a complete account compromise.

‍

The scale of India's Digital Financial Ecosystem

‍

The scale of I4C's detected threat can be better understood by considering India's entire digital financial landscape. In 2025 India has witnessed over 228 billion UPI transactions, with 21.63 billion in December alone, an annual growth rate of 29% from 2024, and an active user base of over 500 million by the beginning of 2026. Furthermore, total e-KYC transactions by April 2025 have exceeded 2,393 crore, and thus, it can be seen the extent to which these aspects of finance (banking, insurance, and credit) are now conducted via remote digital verification. The transformation, although instrumental in increasing financial inclusion, has, according to some analysts, created an attack surface of historic scale. As hundreds of millions more become financially integrated via the very same channels that now form the country's infrastructure and systems of identity, the threat from identity-based fraud becomes astronomically large. 

Indian government data further illustrates the extent to which such frauds are a growing concern. Cybercrime cases jumped 42% year-on-year to 2.27 million in 2024, resulting in losses amounting to nearly 228.45 billion. Within that, 1.34 million UPI cases, worth 1,087 crore, occurred in FY2024 alone, while cybercrimes in general soared from 260,000 cases in 2021 to nearly 2.8 million by 2025, totaling cybercrime losses of 22,931 crore.

‍

How Do Deepfakes Defeat Biometric Systems?

‍

Deepfake fraud, in particular, is extremely difficult to counteract due to the direct attack it poses on the assumptions underlying traditional verification systems. Passive techniques for verifying a live person from a static photo or video existed that primarily looked for similarities in textures, lighting, and geometrical properties or challenged subjects to perform an action in real-time. But the generation of real-time face swapping that contains blinks, head motion, and speaking can now be produced on even cheap machines. Cybercriminals can exploit these by using virtual camera drivers to "inject" the false image feed into the live verification session, nullifying any passive liveness checks. Data from the industry clearly shows the extent of this problem: iProov, a leading authenticator, documented a 7.8-fold rise in injection attacks in 2024; Jumio noted an 88% increase in deepfake-induced fraud in 2025; and voice-deepfake attacks on financial call centres saw a 6.8-fold increase in 2024. 

Gartner had also predicted that 30% of organizations would have lost trust in facial verification alone by 2026, and work by Kubam (2024) confirmed a lack of multi-factor authentication such as cross-validation of biometric, document, and device integrity signals used within KYC platforms. Such fears have been corroborated by FATF's 2025 Horizon Scan, which classified deepfakes as an emerging threat to the AML/CDD framework and digital identity verification.

‍

Recommendations by I4C

‍

I4C's advisory goes beyond merely warning about threats and lists actionable recommendations to both institutions and citizens. Banks, NBFCs, fintech companies, and onboarding platforms have been advised to incorporate advanced deepfake and synthetic content detection techniques into their verification flows, given that first-generation liveness checks are not enough. They should employ a multi-modal strategy that considers face features along with the device, network signals, behavioral biometrics, and alignment of face and voice. They also have been advised to make a more robust upgrade of their onboarding and verification platforms, as much of the current remote verification architecture was built in a less sophisticated threat context. This aligns with the KYC Master Direction of the RBI that specifies end-to-end encryption, IP-based access controls, geotagging, and technology platforms and systems are to be upgraded frequently. Citizens are advised by I4C to keep their biometric information secure; be careful of unsolicited video calls and online interviews; keep an eye on transaction-related SMS and emails; and report suspicious instances through the National Cybercrime Reporting Portal and through the telephone number 1930. It is clarified that this advisory aims to create awareness of developing AI-based identity fraud schemes, and it is not a declaration that any specific organization, platform, or service is vulnerable.

‍

^{The Legislative Dimension: India's Evolving Response to Synthetic Media}

‍

The problem highlighted by I4C is evolving in a heavily legislated environment, not a legal void. The first-ever legal definition of "synthetic media" in India came into force in the Information Technology Amendment Rules 2026 on February 20, 2026. These rules oblige significant platforms to remove deepfakes and non-consensual intimate media within three hours and two hours, respectively, or lose their safe harbor protection under Section 79 of the IT Act. While the provision focuses on harm stemming from content, this creates a new legal and normative precedent on dealing with AI-induced deception. However, financial frauds facilitated through deepfakes are not content but involve the use of remote identity verification and customer onboarding systems, which require specific technical standards. The overall policy environment when viewed in light of the FATF Horizon Scan, RBI KYC rules, and recent I4C advisory already offers significant scope to define and introduce mandatory deepfake detection and identity assurance standards even before these are explicitly legislated.

‍

Institutional and Technical Recommendations

‍

1. For Financial Institutions and Fintech platforms: The existing verification systems (liveness detection) must be replaced with multi-layered deep-fake detection processes, including injection attack detection, behavioral biometrics, cross-modal facial and voice verification, device integrity check, and hardware attestation during onboarding itself.
2. For Regulators: The RBI and Ministry of Home Affairs should work together to release technical standards that specify minimum deepfake-detection requirements for video-KYC and remote onboarding systems in line with FATF digital identity guidance and the upcoming EU AI Act.
3. For researchers and academia: Dedicated studies on deepfake detection performance across varied demographic, linguistic, and regional populations of India should be prioritized. Current models are mostly trained on Western data.
4. For citizens: Face recordings and other biometric information should be treated with the same caution as sensitive financial details. Be wary of unsolicited video calls, remote interviews, or verification requests from unknown people, and report suspicious activities on any account immediately via the National Cybercrime Helpline (1930) or cybercrime.gov.in.

‍

Conclusion

‍

The I4C advisory of June 2026 marks a critical recognition that advances in generative AI have fundamentally challenged the reliability of facial biometric authentication. For a country whose digital financial ecosystem relies heavily on remote identity verification, the implications are significant. The integrity of India's financial inclusion framework now depends on rapidly strengthening identity assurance mechanisms. Addressing this threat will require coordinated action by regulators, financial institutions, technology developers, researchers, and citizens to develop robust technical standards, enhance detection capabilities, and build public awareness at a pace matching the evolution of AI-enabled fraud.

‍

References and Sources

‍

1. I4C / NCTAU Advisory, June 2026 — National Cybercrime Threat Analytics Unit, Indian Cyber Crime Coordination Centre, Ministry of Home Affairs, Government of India. Advisory on AI-Enabled Deepfake Identity Fraud. Issued 11 June 2026.
2. shuftipro.com/blog/key-takeaways-from-fatf-horizon-scan-report-on-deepfakes
3. https://timesofindia.indiatimes.com/india/fraudsters-creating-deepfakes-to-bypass-facial-authentication-i4c/articleshow/131668958.cms
4. hyperverge.co/blog/what-is-a-deepfake
5. iproov.com/reports/threat-intelligence-report-2026
6. arxiv.org/pdf/2601.06241

‍

Introduction

‍

In today’s digital environment, national security challenges extend well beyond traditional military domains. One growing concern is the unauthorised extraction of information, which is increasingly being used through subtle and gradual methods rather than overt force. Recent advisories point to a rising pattern in which foreign organisations seek to recruit individuals to collect and handle sensitive material, often using financial cybercrime networks as part of their operational ecosystem. This trend has implications for journalists, defence personnel, researchers, students, and academics working in strategic, geopolitical, and security-related fields. The core risk lies in the fact that these activities can proceed quietly and without coercion, with participants sometimes unaware that their actions may contribute to intelligence gathering efforts.

‍

Digital Platforms as Vectors for Targeted Recruitment

‍

Professional networking and job portals have become central to modern career development. The same visibility that supports professional advancement is being misused by others. Foreign entities reportedly use these platforms to identify individuals with experience in journalism, defence services, strategic studies, cybersecurity, and international relations.

Early-career professionals and students from reputed Higher Education Institutions (HEIs) are particularly vulnerable because they seek freelance work, research experience and international partnerships. Initial outreach is often framed as legitimate consultancy, research assistance, or content development work, which creates the impression of professional credibility through normal business operations.

‍

Task-Based Information Extraction

‍

The organisation assigns writing and research duties to new employees, which seem simple to perform. The topics of source-based articles and analytical pieces include the following two subjects about India.

• The first subject examines India's foreign relations with its strategic partnerships.
• The second subject investigates how armed forces operate through different military movements.
• The third subject focuses on defence procurement activities, which include weapon system development and modernisation projects.
• The fourth subject investigates military activities through joint training exercises and war simulation exercises.

The public possesses most of this knowledge, but its threat emerges from the process of collecting and interpreting data with contextual information. The collection of insights from various sources enables organisations to identify operational patterns, strategic priorities and capacity evaluations which go beyond particular data points.

‍

The Financial Cybercrime Nexus

‍

The financial system that pays contributors presents itself as a major problem for this activity. Payments are often routed through:

• Indian bank accounts, including student accounts
• Funds originating from cyber fraud or financial crimes
• Occasional overseas transfers structured to avoid scrutiny

The system establishes a direct connection between financial cybercrime activities and the theft of confidential information, which brings unintentional danger of legal issues and public image damage to those involved. The Indian legal system considers all connections to illegal financial activities as serious offenses even when the person involved did not intend to commit any crime.

‍

Concealed Identities and Data Harvesting
‍

The entities that conduct recruitment activities willfully hide their real identities. The organisation uses intermediaries for their operations, which they present as foreign consulting firms, think tanks and analytics companies. Contributors who have defence or security experience will face requests to provide their personal data, which includes their PAN and Aadhaar information.

The collection of such data raises significant concerns. The system creates permanent privacy hazards that permit unauthorised access to personal data and identity theft and coercive practices. The ultimate use of this information often remains opaque to the individuals providing it.
‍

Why Incremental Leakage Matters
‍

The threat operates silently because it lacks the visibility of major cyberattacks. The combined effect of all articles and research notes becomes dangerous because no single element can cause harm. Hostile organisations can use incremental information leakage to undermine national security because they can analyse their gathered data to create:

• maps of strategic capabilities,
• defence readiness evaluations,
• security and foreign policy narrative control.

The process of information sovereignty erosion occurs through the establishment of undefined boundaries between journalism and academic research, and consultancy and strategic analysis. The lack of clear boundaries between journalism and academic research, consultancy and strategic analysis makes it difficult to determine who is responsible for research outcomes.
‍

The Role of Institutions and Individuals
‍

The universities and media outlets, together with the professional organizations have essential functions in their quest to diminish environmental effects. The organisation should perform the following proactive steps:

• The organisation should organise training programs which will educate people about its services.
• The organisation should require researchers to conduct thorough investigations before they accept paid assignments for research work and writing tasks.
• The organisation should recommend that people do not share their identity documents except when their institution requires it for authentication purposes.
• The organisation should create specific methods to report any suspicious activities that people might encounter.

Students and professionals need to understand that their specialised knowledge and trustworthiness can be used against them. People must protect their digital identities through three actions, which include verifying their affiliations and assessing the complete effects of their daily activities.
‍

Conclusion

‍

Cyber enabled threats to national security increasingly operate in grey zones, which makes their legality, legitimacy, and true intent difficult to assess. The convergence of foreign recruitment efforts, financial cybercrime, and covert information gathering creates a persistent risk that is still not widely recognised or fully understood. The state does not bear exclusive responsibility for protecting sensitive information. National resilience in an interconnected knowledge economy requires organisations to develop three core capacities, which include institutional awareness and restraint and institutional vigilance. Cyber resilience depends on two essential factors, which include secure systems and informed citizens, because data continues to determine power relationships.
‍

References
‍

• https://reports.weforum.org/docs/WEF_Global_Cybersecurity_Outlook_2025.pdf
• https://www.cyber-espionage.ch/
• https://www.theguardian.com/world/2025/nov/18/mi5-issues-alert-to-mps-and-peers-over-chinese-espionage
• http://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/download/263/92
• https://www.researchgate.net/publication/368461675_Cyber_Espionage_Consequences_as_a_Growing_Threat

‍

Introduction

‍

In today's era, where the threat from the digital world is growing rapidly, good developments in the war against cybercrimes cannot be ignored when they do happen. The state, which was notorious for being one of the most notorious criminal states in the country concerning digital crimes, has brought about remarkable changes in the law and order situation in the country in the last few years. According to the most recent data released by the Union Ministry of Home Affairs, Assam recorded only 408 cybercrimes in the year 2024, while the figure for the previous year was 909, which means a decline of over 55% in one year. But what is even more notable about the feat is the fact that, on the other hand, the country as a whole witnessed a rise of nearly 18% in the cybercrimes recorded. 

‍

 Assam's Cybercrime Journey

‍

To understand where Assam is today can only achieve this by understanding how far it has come. In 2021, it was ranked the 5^th highest state or union territory in India in the realm of cybercrime, with a staggering number of 4846 cases. The state kept the worrisome numbers continuing in the year 2022, as it ranked 9^th with 1,733 cases before sliding down to 13^th place in 2023 with 909 cases. However, the steep fall to a minuscule 408 cases in 2024 is an amazing narrative of how a state managed to completely eradicate the cybercrime infrastructure.

This is not a mere coincidence in statistics. This has proved to be a sustained, systematic operation by the law-enforcing agencies. Police sources say the decline is the result of consistent law enforcement action against cybercrime networks and the positive effect of awareness campaigns. Assam recorded 360 arrests under cybercrime-related offences and charge-sheeted 285 in the year 2024.

‍

The National Picture: A Troubling Contrast
‍

While the case of Assam is inspiring, the numbers on a pan-Indian level look bleak. India saw as many as 101,928 cybercrimes registered on its soil in the year 2024; a sharp rise from 2023, when 86,420 incidents had been reported. And it's not just in the number of cases that have seen an alarming rise; the economic implications are equally devastating. As many as 19.18 lakh complaints were lodged on the National Cyber Crime Reporting Portal in 2024. These complaints were an outcome of the financial losses to the tune of almost Rs 22,811.95 crore, according to a statement by the Home Ministry.

In 2024, the states that stood out at the top were Telangana (27,230), Karnataka (21,993), Uttar Pradesh (11,073), Maharashtra (9,922), and Bihar (6,380), among others. This clearly goes on to prove how the occurrences of cybercrime are not uniform across all states in the country due to various local and state-specific factors like the enforcement provided by state police forces, literacy levels of the general public, and the range of awareness campaigns carried out.

Even within Assam, the trend is not uniform, as almost every other Northeastern state has recorded a rise in cybercrimes this year, the figures being Arunachal Pradesh 24 to 78, Mizoram 31 to 50, Meghalaya 64 to 97, and Nagaland 2 to 14. It is only Tripura that saw a dip in reported cybercrimes, from 36 to 33. Considering these statistics, it becomes even more crucial to study and emulate Assam's success.
‍

The Drivers and Disrupters of Cybercrime
‍

It is in understanding how cybercrimes in Assam are committed that one might derive how these should be combatted. Of the 408 cases registered so far in 2024, 253 were registered for transmitting, or publishing, electronically, any obscene or sexually explicit material, and 115 cases were under computer-related offences. As for motive, they vary widely; 121 cases were registered out of revenge, 55 for fraud, 43 for extortion, and 42 for sexual exploitation. Sadly, out of 408 crimes reported so far in 2024, 196 victims are women, and 20 are children; in essence, the real impact is on society's most vulnerable.

This is a useful categorisation for the policymakers. It would not be beneficial if it were an all-encompassing strategy against cybercrimes when the motives and mechanisms behind them differ so widely. Customised campaigns educating women on cyberbullying, educating children on online security, and cautioning the public against online fraudulent schemes would be much more effective than general advice.

 On the national front, significant investments have been made by the central government for developing cybercrime-fighting infrastructure. Since the I4C was established in 2018, the launch of NCRP in 2019 provides a reporting and coordination framework against cybercrimes, and it is reported that over 5,489 crore have been saved by freezing illegal transactions, stemming from over 17.88 lakh complaints, through these platforms. Over 9.42 lakh SIM cards and 263,248 International Mobile Equipment Identities (IMEI) numbers have been blocked due to involvement in cybercrime.
‍

The Role of Awareness and Enforcement
‍

The biggest, and perhaps most transferable, lesson learned from Assam is the importance of both enforcement and awareness. Alone, neither proves useful: an enforcement operation without public knowledge leaves the public at risk for the next offence, while a purely informational approach gives criminals the license to proceed. Assam seems to have a more pragmatic approach; at least the statistics support this notion.

As the most persistent weakness, cyber hygiene is still a critical issue for India's cybersecurity. The core problem is the limited public knowledge on the importance of safer online practices, and it has been one of the primary hurdles to reducing crimes online; in instances where crimes were committed and reported, insufficient processes and infrastructure remained challenges in their investigation. Therefore, institutional investment in resources such as local police cyber cells and national coordinating agencies is an integral component to overcoming these challenges.z

‍

Conclusion
‍

By decreasing the rate of cybercrime in Assam by 55%, the successful combination of vigorous prosecution, constant pressure to uphold the law, and thorough public awareness campaigns has demonstrated a viable solution to ever-increasing online threats throughout India. Assam presents an attainable blueprint to diminish cybercrime, although the criminals of this evolving landscape cannot be constrained by individual state borders. To successfully achieve an e-economy that thrives on security and trust, India must adapt and expand the same law enforcement and awareness campaign strategies.

‍

References
‍

1. https://assamtribune.com/assam/assam-records-over-55-decline-in-cyber-crime-cases-in-2024-mha-1611895
   
   
2. https://ddnews.gov.in/en/cybercrime-complaints-cross-19-lakh-in-2024-97-drop-in-spoofed-calls-post-new-measures/
   
   
3. https://www.medianama.com/2025/08/223-india-cybercrime-500-percent-increase-2021-2024/
   
   
4. https://statista.com/topics/5054/cyber-crime-in-india‍
5. https://i4c.mha.gov.in