OUR RESEARCH
Data Analysis
Statistics from primary survey across India:
-
We studied the prevalent methods used by scamsters of such frauds and surveyed to understand the awareness of such crimes. The survey covered around 600 respondents across multiple cities, cultures, economic and linguistic backgrounds.
-
The survey showed a widespread usage of digital payments with ~98% of those surveyed using apps/cards to make payments and engaging in an average of at least one digital transaction daily.
-
Over a third of survey respondents reported attempts by scamsters to defraud them. Over a quarter of the respondents have received telephone calls from scammers and 14% report receiving links to fake websites/being subject to phishing attacks. However, scammers are evolving into increasingly sophisticated scams involving the use of both social engineering and technology.
-
The prevalence of such scams has resulted in the erosion of trust with 90% of the survey respondents expressing concern over the safety of such digital payments.
-
The people in the 18-35 yr age group (young working adults) and those without a university education, report a much higher prevalence of such financial frauds, indicating vulnerability of this segment to scams partly due to their higher levels of trust in technology.
-
A majority of the respondents remain unaware of how to report such financial crimes.

Sharing is NOT caring for Financial Transactions



As we grow up, money management is a necessary skill that has been added to our list of must-learns. However, in the world where technology has integrated itself in all aspects of life, this skill has become so much more than just budgeting. It gives us immense pride to note that India is at the cutting edge of digital payments with the country contributing to roughly one in two digital payments globally. India’s technology stack handled ~90 billion digital payment transactions in 2022 and this number continues to rise exponentially as more people embrace the convenience of paying each other via their phones. However, this has been met by an increase in the number of schemes to defraud an innocent population. As a part of our Service Project, we studied the modus operandi of such frauds and conducted a survey to understand the level of awareness of such crimes and the protective measures available for the general consumer.
The survey covered around 600 respondents across five different cities, multilingual and socioeconomic backgrounds, indicating widespread usage of digital payments with ~98% of those surveyed using apps/cards to make payments and engaging in at least one digital transaction daily. However over 90% of the survey respondents expressed concern on the safety of such payments and fears of online scams. The people in the 18-35 yr age group (young working adults), without any university education, report a much higher prevalence of such financial frauds. We attribute this to the high smartphone ownership in this segment, but the lack of awareness of the different security measures. Similarly, senior citizens expressed vulnerability and desire to learn more about how to prevent getting frauded. Over a quarter of the respondents have received telephone calls from scamsters and 14% report receiving links to fake websites/being subject to phishing attacks. However, scamsters have moved to more sophisticated scams such as using voice changing softwares and deepfakes to scam people in the name of their near and dear ones. Most of the respondents remain unaware on how to identify and report such financial crimes.
To raise awareness, we have summarised our research into easy-to-understand brochures which we have distributed to over 200 people to improve awareness. Similar sessions were conducted, and material was distributed amongst senior citizens at their request. While it was a truly enriching experience to research and create awareness about financial scams, the sense of fulfilment we achieved after interacting with the staff and senior citizens in our community was unparalleled.
Articles By MoneySatark Club
Welcome to the MoneySatark Club's fraud awareness section. Here, our dedicated student volunteers provide articles on the latest scams, upcoming fraudulent activities, and notable case studies. Stay informed to protect yourself from financial deception.
AI Ransomware: What is this newly emerging technology and how can it impact you?
By Samaira Aich, Meha Mehrotra, Paarth Agarwal
28th January 2026
As the age of technology prospers, so does malware in the world of cybercrime. A rapidly improving method of system infiltration in 2026 is AI-driven malware / ransomware. AI-driven malware is malicious software that uses artificial intelligence to adapt autonomously. Instead of having fixed code, it can generate new code, such as Lua scripts, to analyse a system’s vulnerabilities and create strategies for attack. By behaving differently each time it interacts with a system, it avoids detection from traditional security systems while working to corrupt
files and data.
Although cybercrime is already widespread, AI-driven malware is different because it has advantages over human-driven attacks. Since it can re-write its own code, something that humans otherwise have to do to avoid being detected, this method is optimal for efficiency in infiltrating systems by jumbling its Lua code or adding meaningless code to alter appearance. Unlike human-driven malware that waits for commands, AI-driven malware analyses the system it is infiltrating and carefully determines the best method of attack, making sure the result is guaranteed to be in favour of the attacker. Current models such as PromptLock and MalTerminal are still developing, raising concerns about how much more malicious they may become.
AI-driven malware also carries out ransomware attacks using SPEK-128 bit encryption while scanning sensitive data to identify high-value ransom opportunities. Encryption locks information so files appear as scrambled characters to the owner. SPEK-128 bit encryption uses a 128-bit key, one of the strongest forms of encryption, making the key impossible to guess. Only the malware has access to this key, meaning files can only be restored with it. The AI identifies valuable data by searching for patterns such as credit card numbers, bank
details, or keywords like “tax” and “invoice.” Once data is found and encrypted, a ransomware note appears through pop-ups, wallpaper changes, etc, stating that important documents are locked and can only be recovered by following instructions, usually transferring money, while threatening data loss if files are deleted. So far, the only proof of concept through which such information has been uncovered includes the PromptLock
software, discovered by ESET researchers.
Research projects such as PromptLock and developing AI systems demonstrate how large language models, or LLM (systems that gain unauthorised access to information) could automate complete attack lifecycles, including encryption, and the creation of persuasive ransom messages with minimal human input. Real-world cases already reflect this shift, with cybercriminals using generative AI to write malicious code and some ransomware groups testing AI chatbots to automate ransom negotiations and pressure victims. To reduce risk, users should maintain regular offline backups and use behaviour-based antivirus software, which detects suspicious actions rather than fixed malware signatures, making it especially effective against constantly evolving AI ransomware. While there are systems like PromptLock coming into the picture, none have been used for genuine ransomware attacks yet, however, these systems are still developing and pose the threat of
being highly malicious and prevalent in the cybercrime world soon, posing threat for the future of cybersecurity.
Citations
-
Content. “AI-Generated Malware and How to Tackle It.” Tatacommunications.com, Tata Communications, 6 Apr. 2025, www.tatacommunications.com/knowledge-base/cyber-security/ai-generated-malware. Accessed 25 Jan. 2026.
-
“Intelligence Reports.” Microsoft.com, 2024, www.microsoft.com/en-in/security/security-insider/intelligence-reports. Accessed 20 Jan. 2026.
-
Jennings-Trace, Ellen. “Anthropic Warns That Its Claude AI Is Being ‘Weaponized’ by Hackers to Write Malicious Code.” TechRadar, 29 Aug. 2025, www.techradar.com/pro/anthropic-warns-that-its-claude-ai-is-being-weaponized-by-hackers-to-write-malicious-code. Accessed 25 Jan. 2026.
-
Raz, Md, et al. “Ransomware 3.0: Self-Composing and LLM-Orchestrated.” ArXiv.org, 2025, arxiv.org/abs/2508.20444. Accessed 25 Jan. 2026.
-
Sabin, Sam. “Ransomware Gangs Experiment with AI.” Axios, 29 July 2025, www.axios.com/2025/07/29/ransomware-gang-ai-chatbot-negotiate. Accessed 25 Jan. 2026.
-
What Is 128 Bit Encryption? Should I Avoid 128 Bit SSL Encryption. “What Is 128 Bit Encryption? Should I Avoid 128Bit SSL Encryption?” SectigoStore, 13 Apr. 2020, sectigostore.com/page/what-is-128-bit-encryption/. Accessed 25 Jan. 2026.
AI Voice Cloning: How Scammers Are Using Artificial Intelligence
By Ailish Garg, Aayush Seshagiri, Paarth Agarwal, Daanish Sachdev, Ria Varma, Samaira Aich, Ruhaan Sharma, Siddhanth Ramanujam
13th March 2026
What is AI Voice Cloning & How does it work?
AI voice cloning is a form of artificial intelligence that
replicates a person’s voice using machine learning
models trained on recorded audio samples. The system
analyses vocal features such as pitch, tone, rhythm,
accent, and pronunciation patterns, converting them
into mathematical representations such as voice
vectors. Using deep learning techniques, particularly

neural networks, it generates synthetic speech that closely mimics the original speaker. In scams, fraudsters obtain short audio clips from social media or calls, train the model, and produce realistic voicemessages to impersonate victims convincingly.
How is AI Voice Cloning Used in Cybercrime Scams
AI voice cloning can be applied in multiple ways. Some of the positive ways that it could be used would be to be able to create advertisements and create realistic videos when people don't have the time to record the audio themselves. Another negative way it could be used is to clone people's voices without consent; this would be an immediate breach of privacy, which would be illegal. Another way that scammers can use this would be to use “your voice” to demand things like ransom or extort your family members into paying large sums of money to them.
Examples of AI Voice Cloning’s Impact in Real Life

Real-world cases demonstrate the severe harm caused by AI voice cloning scams. Jennifer DeStefano narrowly escaped losing $1 million in 2023 when fraudsters cloned her daughter's voice from social media to simulate a kidnapping, demanding ransom in a chilling call she described as "completely her voice" with matching inflexion. In a corporate breach, scammers targeted WPP executives by cloning CEO Martin Sorrell's voice(often mislinked to Microsoft contexts) in a Teams meeting to
extract funds and data, nearly succeeding before detection. In India, Delhi resident Lakshmi Chand Chawla lost ₹50,000 in 2024 after a cloned child's voice—her cousin's son—begged for help via WhatsApp in a fake abduction ploy, part of a rising trend with 47% of adults affected or knowing victims. These incidents underscore the emotional and financial devastation.
Governmental / Regulatory Aspect
AI Ransomware: What is this newly emerging technology and how can it impact you?
By Samaira Aich, Meha Mehrotra, Paarth Agarwal
28th January 2026
As the age of technology prospers, so does malware in the world of cybercrime. A rapidly improving method of system infiltration in 2026 is AI-driven malware / ransomware. AI-driven malware is malicious software that uses artificial intelligence to adapt autonomously. Instead of having fixed code, it can generate new code, such as Lua scripts, to analyse a system’s vulnerabilities and create strategies for attack. By behaving differently each time it interacts with a system, it avoids detection from traditional security systems while working to corrupt
files and data.
Although cybercrime is already widespread, AI-driven malware is different because it has advantages over human-driven attacks. Since it can re-write its own code, something that humans otherwise have to do to avoid being detected, this method is optimal for efficiency in infiltrating systems by jumbling its Lua code or adding meaningless code to alter appearance. Unlike human-driven malware that waits for commands, AI-driven malware analyses the system it is infiltrating and carefully determines the best method of attack, making sure the result is guaranteed to be in favour of the attacker. Current models such as PromptLock and MalTerminal are still developing, raising concerns about how much more malicious they may become.
AI-driven malware also carries out ransomware attacks using SPEK-128 bit encryption while scanning sensitive data to identify high-value ransom opportunities. Encryption locks information so files appear as scrambled characters to the owner. SPEK-128 bit encryption uses a 128-bit key, one of the strongest forms of encryption, making the key impossible to guess. Only the malware has access to this key, meaning files can only be restored with it. The AI identifies valuable data by searching for patterns such as credit card numbers, bank
details, or keywords like “tax” and “invoice.” Once data is found and encrypted, a ransomware note appears through pop-ups, wallpaper changes, etc, stating that important documents are locked and can only be recovered by following instructions, usually transferring money, while threatening data loss if files are deleted. So far, the only proof of concept through which such information has been uncovered includes the PromptLock
software, discovered by ESET researchers.
Research projects such as PromptLock and developing AI systems demonstrate how large language models, or LLM (systems that gain unauthorised access to information) could automate complete attack lifecycles, including encryption, and the creation of persuasive ransom messages with minimal human input. Real-world cases already reflect this shift, with cybercriminals using generative AI to write malicious code and some ransomware groups testing AI chatbots to automate ransom negotiations and pressure victims. To reduce risk, users should maintain regular offline backups and use behaviour-based antivirus software, which detects suspicious actions rather than fixed malware signatures, making it especially effective against constantly evolving AI ransomware. While there are systems like PromptLock coming into the picture, none have been used for genuine ransomware attacks yet, however, these systems are still developing and pose the threat of
being highly malicious and prevalent in the cybercrime world soon, posing threat for the future of cybersecurity.
Hardships faced in addressing the significant issue of AI voice cloning include legal and ethical challenges. In terms of AI voice cloning, these include the extreme lack of laws pertaining to what is defined as crossing the line between legal and unethical or entirely illegal. Mainly, the issue faced here is how, legally, voices and voice recognition are considered biometric data identifiers as opposed to legally defining one person as the owner of that voice, meaning that in many places it is not illegal to use another person’s voice for purposes they may not have consented to.
Precautions & Prevention Methods
If you suspect you’ve been targeted by a voice-cloning scam, stop the conversation immediately. Contact your bank to freeze accounts and cancel any pending transfers. Verify the situation by calling the person or organisation back on a trusted, pre-saved number; never use the one that just called you. Report the incident to your local authorities and the FTC (or your national fraud centre) to help track the scammer’s tactics. Finally, notify your family and friends. If a scammer has your voice sample, they may use it to target your inner circle next.
Citations
-
Akshat Mandloi. “AI Voice Cloning in Real-Time: A Deep Learning Approach.” Smallest.ai, 18 Dec. 2025, smallest.ai/blog/real-time-ai-voice-cloning-deep-learning-tts-clone . Accessed 5 Mar. 2026.
-
Mannie, Kathryn. “AI Kidnapping Scam Copied Teen Girl’s Voice in $1M Extortion Attempt.” Global News, 18 Apr. 2023, globalnews.ca/news/9629883/ai-kidnapping-scam-teen-girl-voice-cloned-extortion-arizona-jennifer-destefano/. Accessed 5 Mar. 2026.
-
Thakur, Anjali. “Woman Claims AI Cloned Her Daughter’s Voice in $1 Million Kidnapping Scam.” Www.ndtv.com, NDTV, 17 Apr. 2023, www.ndtv.com/feature/woman-claims-ai-cloned-her-daughters-voice-in-1-million-kidnapping-scam-3954384. Accessed 5 Mar. 2026.
-
Mishra, Pankaj. “AI Scams Surge: Voice Cloning and Deepfake Threats Sweep India.” Www.ndtv.com, NDTV, 10 Oct. 2024, www.ndtv.com/ai/ai-scams-surge-voice-cloning-and-deepfake-threats-sweep-india-6759260. Accessed 5 Mar. 2026.
Pig Butchering Scams: How Trust Is Engineered Into Fraud
By Ria Varma, Daanish Sachdev, Samaira Aich, Ruhaan Sharma, Paarth Agarwal, Aayush Seshagiri
30th April 2026
Pig Butchering Scams are a type of online financial fraud where the scammers slowly build trust with a victim before convincing them to invest money in fake opportunities. At first, the scam starts with a friendly message on social media, messaging apps, or dating platforms. Over time, the scammer forms a relationship and gains the victim’s trust. Then they introduce a “profitable” investment, often in cryptocurrency. First, the victims see these fake profits and choose to invest more money, but then the scammer disappears and the money is lost.
How are Pig Butchering Scams carried out online?
Pig Butchering Scams primarily unfold on platforms like Instagram, WhatsApp, Telegram, Tinder, and Facebook, where scammers send seemingly innocent “wrong number” texts or friend requests to appear harmless. They employ scripted personas—often posing as attractive professionals or lonely expats—to nurture daily chats, sharing photos and personal stories for

weeks. Gradually, conversations pivot to finance: scammers flaunt “lucky” crypto wins via fake screenshots, then direct victims to bogus trading apps showing fabricated gains. This psychological grooming ensures larger deposits before the inevitable vanishing act.
Real-life examples of Pig Butchering Scams

To understand the network of pig butchering scams, consider a 52-year-old man from Denver introduced to Shikuka Suzuki through a dating app. Months of interaction and fake interest allowed Shikuka to convince him to invest in a cryptocurrency trading app. After deposits totaling $1.6 million, he believed he had amassed $8 million through fraudulent profit displays. When another man posed as a customer service agent, the man paid a deposit of $1.5 million to withdraw his
wealth and discovered his money was gone, along with Shikuka, showing that these scams make the victim vulnerable to believing anything the scammer says will benefit them.
Government and law enforcement challenges
Stopping these scams is a major challenge for governments because the perpetrators rarely follow national borders. Since scammers often operate in one country while targeting victims in another, law enforcement frequently hits a wall due to conflicting international laws and complex extradition processes. Furthermore, tracing the stolen funds is incredibly difficult. The use of anonymous cryptocurrencies and rapid digital transfers allows money to be laundered before authorities can even react. Ultimately, police are forced to fight sophisticated, high-tech networks using legal frameworks that simply haven't kept pace.
Protection strategies and precautions
Protect yourself by staying cautious with strangers who quickly become friendly or romantic, especially on social media or messaging apps. Never share personal or financial information with someone you haven’t met in real life. Be skeptical of investment opportunities that promise high or guaranteed returns, particularly in cryptocurrency or trading platforms. Always verify platforms independently before investing. Avoid moving conversations to private apps at someone else’s request.

Do not send money, gift cards, or crypto to anyone you only know online. Watch for pressure tactics, such as urgency or emotional manipulation. Research suspicious profiles and images, as scammers often use fake identities. Enable two-factor authentication on accounts and keep software updated. If something feels off, trust your instincts and stop communication immediately. Report suspected scams to local authorities or cybercrime portals.
Pig butchering scams continue to affect people across the world. Recognising warning signs and thinking carefully before making financial decisions can prevent serious losses. Safe online habits and greater awareness help reduce risks.
Operation CyHawk: India's Fight Against Organised Cybercrime
By Ailish Garg, Ruhaan Sharma, Paarth Agarwal, Avnita Santani, Ria Varma
1st July 2026
In just a few decades, digital technology has become an essential part of everyday life. From banking and shopping to education, healthcare, and government services, billions of people now rely on digital platforms for activities that were once carried out entirely offline. According to the International Telecommunication Union, an estimated 5.8 billion people, representing around 71% of the world's population, were using the internet in 2024. As this dependence continues to grow, safeguarding information, networks, and essential services has become just as important as expanding access to them. Cybersecurity is no longer only a technical concern but also an economic, social, and national priority. With this in mind, countries around the world are introducing stronger cybersecurity policies, strengthening digital infrastructure, and supporting agencies responsible for cybersecurity and cybercrime investigations.
Rise of Cybercrime in India
Today, cybercrime stands out as one of the biggest problems of the era of digitisation due to fast-growing internet connectivity, use of digital money, and advanced methods of committing a crime. In 2025, the number of reported losses in the USA amounted to $20.9 billion, which is 26% higher compared to the losses of $16.6 billion that were reported in the previous year; besides, complaint volume in the USA exceeded one million for the first time during 25 years of activity of the FBI IC3, whereas cybercrime has already caused losses of $10.5 trillion worldwide in 2025

and is expected to amount to $12.2 trillion per annum by 2031. The main vectors of cybercrime include investment frauds, business email compromises, ransomware, and phishing through the use of artificial intelligence. The near-absence of cybercrime detection (about 0.05%) and prosecution, combined with the cheapness of attacks on a large scale, provides a structural advantage of cybercrime and guarantees its further growth.
What is Operation CyHawk?

Operation CyHawk is an anti-cybercrime initiative by the Delhi Police, which is now in its fifth edition. Instead of reacting to individual complaints, the operation works by spending weeks mining data from India's National Cyber Crime Reporting Portal, as well as mapping frauds and tracking mule bank accounts.Following this, they deploy thousands of personnel in a coordinated 48-hour blitz across multiple states.CyHawks 5.0 deployed over 715 raiding teams across 21 states, arrested 916 individuals,
AI Ransomware: What is this newly emerging technology and how can it impact you?
By Samaira Aich, Meha Mehrotra, Paarth Agarwal
28th January 2026
As the age of technology prospers, so does malware in the world of cybercrime. A rapidly improving method of system infiltration in 2026 is AI-driven malware / ransomware. AI-driven malware is malicious software that uses artificial intelligence to adapt autonomously. Instead of having fixed code, it can generate new code, such as Lua scripts, to analyse a system’s vulnerabilities and create strategies for attack. By behaving differently each time it interacts with a system, it avoids detection from traditional security systems while working to corrupt
files and data.
Although cybercrime is already widespread, AI-driven malware is different because it has advantages over human-driven attacks. Since it can re-write its own code, something that humans otherwise have to do to avoid being detected, this method is optimal for efficiency in infiltrating systems by jumbling its Lua code or adding meaningless code to alter appearance. Unlike human-driven malware that waits for commands, AI-driven malware analyses the system it is infiltrating and carefully determines the best method of attack, making sure the result is guaranteed to be in favour of the attacker. Current models such as PromptLock and MalTerminal are still developing, raising concerns about how much more malicious they may become.
AI-driven malware also carries out ransomware attacks using SPEK-128 bit encryption while scanning sensitive data to identify high-value ransom opportunities. Encryption locks information so files appear as scrambled characters to the owner. SPEK-128 bit encryption uses a 128-bit key, one of the strongest forms of encryption, making the key impossible to guess. Only the malware has access to this key, meaning files can only be restored with it. The AI identifies valuable data by searching for patterns such as credit card numbers, bank
details, or keywords like “tax” and “invoice.” Once data is found and encrypted, a ransomware note appears through pop-ups, wallpaper changes, etc, stating that important documents are locked and can only be recovered by following instructions, usually transferring money, while threatening data loss if files are deleted. So far, the only proof of concept through which such information has been uncovered includes the PromptLock
software, discovered by ESET researchers.
Research projects such as PromptLock and developing AI systems demonstrate how large language models, or LLM (systems that gain unauthorised access to information) could automate complete attack lifecycles, including encryption, and the creation of persuasive ransom messages with minimal human input. Real-world cases already reflect this shift, with cybercriminals using generative AI to write malicious code and some ransomware groups testing AI chatbots to automate ransom negotiations and pressure victims. To reduce risk, users should maintain regular offline backups and use behaviour-based antivirus software, which detects suspicious actions rather than fixed malware signatures, making it especially effective against constantly evolving AI ransomware. While there are systems like PromptLock coming into the picture, none have been used for genuine ransomware attacks yet, however, these systems are still developing and pose the threat of
being highly malicious and prevalent in the cybercrime world soon, posing threat for the future of cybersecurity.
and exposed a fraud trail worth nearly ₹700 crore, which made it the Delhi Police's largest anti-cybercrime operation to date. This operation dismantles larger operations that make large-scale digital fraud possible.
Operation CyHawk's Primary Targets
Operation CyHawk 5.0 went after the layered ecosystem that makes large-scale cyber fraud possible, with three main nodes in its crosshairs.
The first was mule account networks - fraudsters luring vulnerable individuals through fake work-from-home offers and commission-based schemes to open bank accounts and hand over access to criminals. These recruits served as a financial buffer between victims and the masterminds. More than 3,600 persons linked to

such operations were rounded up. The second was malicious APK distributors - mobile applications increasingly being used to silently intercept OTPs and facilitate unauthorised financial transactions. The third was fraudulent call centres. These operated under the guise of legitimate businesses offering jobs, insurance and astrology services, while separate centres ran international tech support scams targeting foreign nationals.
Most communication and transactions were coordinated through Telegram and WhatsApp. Across all three pillars, the networks were indiscriminate - ordinary individuals, corporations and even a former MP's associated firm all fell victim.
Impact and Significance
Operation CyHawk 5.0 was one of India's biggest cybercrime crackdowns, showing a move from simply responding to fraud cases to breaking up the criminal networks behind them. By arresting over 1,700 suspects, identifying thousands of mule account operators, and shutting down fake call centres and malicious APK distribution networks, the operation disrupted several parts of the cybercrime system. Police also froze suspicious bank accounts and seized digital devices, making it harder for criminals to move stolen money and continue their activities.
The operation also showed that cybercrime is now highly organised and works like a business rather than being carried out by individual hackers. Different people have different roles, such as recruiting money mules, running scam call centres, or spreading harmful apps. This makes cybercrime more difficult to stop. Operation CyHawk 5.0 proved that cooperation between police, cyber experts, banks, and technology companies is essential to fight these networks. Although the operation weakened many criminal groups, it also showed that cybercriminals keep changing their methods, so constant action and public awareness are still needed.
Challenges and Public Awareness
Operation CyHawk 5.0 faced many challenges because cybercrime is difficult to track. Criminals often changed phone numbers, bank accounts, and online identities to avoid being caught. They also used encrypted messaging apps and fake identities to hide their activities. Many scams operated across different states and even different countries, so police had to work closely with many agencies and banks. Investigators also had to examine huge amounts of digital evidence and trace money through thousands of bank accounts before it disappeared.
The operation teaches citizens that staying safe online is everyone's responsibility. People should never share OTPs, bank details, or account access with anyone, even if they promise easy money or create a sense of urgency. Job offers, investment schemes, and unexpected phone calls should always be checked through official sources. Downloading apps only from trusted app stores, using two-factor authentication, and reporting suspicious activity quickly can greatly reduce the risk of becoming a victim. Operation CyHawk 5.0 shows that while police can stop many cybercriminals, careful and informed citizens are the best defence against online scams.
Operation CyHawk shows how policing is adapting to meet the challenges of an increasingly digital world. Instead of focusing only on individual cases, it targets the organised networks that make large-scale cybercrime, such as financial fraud, phishing scams, and identity theft, possible. Although cyber threats continue to evolve and challenges remain, the operation demonstrates how proactive investigations, coordinated action, and greater public awareness can help build a safer and more secure digital future for India's citizens.
Deepfakes: The New Face of Financial Fraud
7th July 2026
Picture this: your phone rings. The voice on the other end sounds exactly like your bank relationship manager. Or a close relative.
They’re calm. They’re urgent. They sound… real. Your instinct? Help. Act fast. Don’t ask too many questions. And that instinct is precisely what deepfake fraudsters are betting on.
In early 2025, India was flooded with AI generated videos and voice clips that looked and sounded authentic—but weren’t. What began as fake celebrity videos quickly grew into something far more serious: financial fraud built on stolen trust. Deepfakes are no longer a tech party trick. They’re being used every day to manipulate decisions, bypass safeguards, and drain bank accounts. And no, this isn’t about being “tech savvy” or not. Anyone can be fooled.
So, What Exactly Is a Deepfake?
A deepfake is an image, video, or audio clip created or altered using artificial intelligence to appear completely real. Today’s AI can copy a person’s voice, accent, expressions, and speaking style with unsettling precision. And it works fast. What once took time, money, and expertise can now be done in minutes—or seconds. That speed is what makes deepfakes so dangerous. There’s barely time to doubt before you’re asked to act.
How Are Deepfakes Being Used for Fraud?
Banking and payment scams: Fraudsters impersonate bank officials or senior executives, pushing victims into “urgent” money transfers before common sense can catch up.
Celebrity led investment scams: Fake endorsements and ads flood social media and messaging apps, making risky schemes look reassuringly familiar.
Voice scams targeting everyday customers: Calls sound exactly like a manager, HR head, relative, or bank relationship manager. OTPs, PINs, and instant transfers are demanded—often with emotional pressure. All it takes is a few seconds of voice lifted from social media.
Security risks: Even facial recognition and biometric systems can be fooled, prompting new AI safety guidelines in India for 2025–26.
Why Are Deepfakes So Hard to Spot?
Modern deepfakes can convincingly mimic:
• Face angles and skin texture
• Lip movement and accent
• Voice cadence and lighting
With publicly available apps, convincing deepfakes can now be created in under 30 seconds. Your eyes and ears, once reliable, are no longer enough.
How You Can Stay Satark
A few simple habits can stop most scams:
• Never trust urgency. Hang up and call back using a verified number.
• Don’t share selfies or videos with strangers. They can train AI models.
• Use PINs or passwords for banking apps. Avoid relying only on face or voice access.
• Watch for red flags. Odd lighting, unnatural blinking, or mismatched lip movement matter.
• Avoid forwarded links, especially celebrity ads on messaging apps.
If You’re Targeted, Act Fast
Stop engaging immediately. Freeze the transaction if money was sent. Call 1930, report on the MoneySatark Forum, contact your bank, preserve evidence, change passwords, and inform people around you.
The Bottom Line
Deepfakes aren’t coming; they’re already here. Banks and regulators are stepping up, but the strongest defence is still awareness.