How AI deepfake scam used Aadhaar to take loans without victims knowing: Tips to stay safe
A new cyber fraud case shows how AI deepfakes were used to take control of Aadhaar-linked identities and apply for loans without victims knowing.
Published By: Shubham Arora | Published: May 09, 2026, 10:48 AM (IST) | Edited: May 09, 2026, 10:50 AM (IST)
A recent case shows how quickly online fraud is changing. Scammers are now using AI-generated deepfakes to take control of someone's identity and apply for loans, often without the person even knowing. The operation, uncovered by the Ahmedabad Cyber Crime Branch, involved an inter-state gang that relied on stolen data, AI tools, and a few system gaps to pull this off.
In many cases, just a photo from social media was enough to begin the process. From there, everything else was built step by step using digital tools.
How the fraud started
The gang reportedly began by identifying potential targets who were financially stable. Using platforms like MastersIndia and similar tools, they accessed GST and PAN details. This helped them figure out the person's credit score and whether they would easily qualify for a loan.
Once they had a target, the next step was collecting more data. They picked up photos from social media profiles and gathered Aadhaar-linked details using bots and other online tools. In some cases, data brokers were also involved. One person would arrange Aadhaar numbers and photos, while others handled the technical side and the money flow.
How deepfake videos were used
After putting all this together, the gang used AI tools, including Gemini and Meta AI, to create short "eye-blink" videos. These clips were made to look real enough to pass basic checks.
They used these videos to get past Aadhaar-based face verification systems. Using this, they managed to update Aadhaar details without the actual person even being involved.
A key move here was changing the mobile number linked to Aadhaar. Once this was done, the entire control shifted to the attackers.
What happened after identity takeover
With the Aadhaar-linked mobile number changed, the attackers gained access to OTPs and alerts. They gained access to DigiLocker, banking alerts, and other linked services. New SIM cards were issued, bank accounts were opened, and personal loans were taken, usually in the range of Rs 25,000 to Rs 50,000.
To make sure the trail wasn't easy to follow, the money was routed through multiple bank accounts, including IDFC Bank, Kotak Mahindra Bank, City Union Bank, and Jio Payments Bank. Investigators believe the gang was generating around Rs 10 lakh to Rs 15 lakh annually through such frauds.
The case came to light when a businessman stopped receiving OTPs. What initially seemed like a technical issue turned out to be a complete takeover of his Aadhaar-linked identity. By then, loans had already been taken in his name.
Investigators also found that certain Aadhaar kit operators and cyber cafe agents helped in changing details for commission.
Authorities have flagged "serious loopholes" in the system and alerted the Aadhaar department, while further investigation is ongoing to identify more victims.
How to stay safe
- Avoid uploading clear, high-resolution personal photos publicly unless necessary
- Limit sharing of personal details like PAN or contact information online
- Regularly check if your Aadhaar-linked mobile number is active and correct
- Pay attention if OTPs or bank alerts suddenly stop coming
- Monitor your bank accounts and credit history for unknown activity
- Report any unauthorised loan or transaction immediately
- Enable alerts for all banking and financial activities
Get latest Tech and Auto news from Techlusive on our WhatsApp Channel, Facebook, X (Twitter), Instagram and YouTube.