The digital revolution that is taking place in India has led to greater speed, efficiency, and accessibility in services. But it has also resulted in the creation of many vulnerabilities that hackers are using with great sophistication to commit cyber crimes. The following case, which was recently brought to light by the cybercrime police of Ahmedabad, serves as a clear indication of how much cyber crime has developed in recent times.

It would be fair to say that this is not any ordinary case of phishing or OTP hacking. In fact, it is one of the most sophisticated cases of cyber crime where AI has been used to manipulate and change identities to gain access to financial resources.

How the Aadhaar-Linked Scam Unfolded

This case starts with a businessman who discovers something strange; his mobile number associated with his Aadhaar account has been changed without his prior knowledge. At first glance, it might not look like a big deal, but it becomes the starting point of a full identity theft process.

After changing the associated mobile number, the hackers can receive any OTP sent to the businessman’s phone. With this simple step, they can log in to various digital accounts. They can log into DigiLocker, which is a platform storing many important documents. Then, according to reports, the hackers proceed to change their KYC information, create bank accounts in the victim’s name, and get a loan using his identity.

The worst thing about this crime is that there was no breach in the banks’ system. No phishing call or any other attempt to obtain OTPs from the victim happened. Everything starts with the alteration of one piece of information the mobile number associated with the Aadhaar account.

Also Read: Netflix Clips Feature Brings Reels Style Scrolling to Transform Streaming Discovery

The Role of AI in Executing the Fraud

Herein lies the even darker side of this whole situation. Unlike the regular scam attempts, this time around, AI was used by the criminals in order to circumvent the biometric checks.

As discovered during the investigation process, the criminals made use of AI-based software to create “blink videos” out of the still photos of the victims. The video created was capable of mimicking real-life blink movement, and thus, fooling systems that employ liveness checks, which are common when conducting KYC procedures and banking operations.

The implication here is clear identity credentials were not just stolen but also recreated in AI form.

A Coordinated and Organised Cybercrime Network

Moreover, the case study reveals the possibility of this being an organized crime, implying the existence of an elaborate cybercrime network. The criminals were divided into groups that carried out their respective tasks, which were linked together in a coordinated manner to accomplish the objective of defrauding the victims.

For instance, some were assigned the task of obtaining the personal information of the victims, such as their Aadhaar credentials and photos. The second group utilized the Aadhaar updation kit, which is available at the CSC center, to alter the number in the database of the person concerned without his consent. A third team specialized in employing artificial intelligence for forging the facial recognition test footage.

Why This Scam Is More Dangerous Than Previous Ones

Cyber fraud cases have been on the rise in India, ranging from OTP fraud cases to 'digital arrest' cases. But the uniqueness of this particular fraud case lies in its sophistication and implementation.

While traditional scams operate on human mistakes such as sharing OTP codes, this new fraud case makes minimal use of human intervention. By manipulating data, cloning identities, and using artificial intelligence to bypass verification processes, this scam has merged all its strategies into one attack vector.

Detection becomes increasingly difficult due to the involvement of legitimate actions performed by attackers that validate their presence using credentials, biometric authentication, and data alteration processes.

Also Read: ChatGPT Images 2.0 Sees Massive Surge in India as Users Embrace AI Creativity

What You Should Do to Stay Safe

Although the circumstances might seem scary, it is not necessary to worry though being wary and taking action are absolutely imperative.

Firstly, users must frequently check their phone numbers linked to Aadhaar to make sure that no unauthorized alterations have taken place. Also, it is very necessary to keep track of the user's banking activities and monitor their transactions and usage on DigiLocker, if there is any.

Moreover, users must be extremely careful about where they send out personal information. Uploading the copy of one's Aadhaar card, ID proof, or even photograph in a random location can often become a gateway for harvesting data.

Similarly, while uploading any documents online, one must make sure that it is done through a genuine portal. The process usually begins with the upload of personal information on an insecure website.

The most essential step of all is taking action as soon as any red flags appear. This includes noticing any missing OTPs, account alterations, or suspicious transactions and reporting them immediately. One can do so through the official portal dedicated to cybercrimes or by calling the nationwide helpline number 1930.

The Ahmedabad Aadhaar scam isn't merely a tale of yet another cybercrime; rather, it serves as a harbinger for the changing face of cyber threats in the age of AI.

This episode reveals a vital paradigm shift within the realm of cybersecurity, one that transcends mere protection against password breaches or phishing attacks. In today's context, cybersecurity means securing your complete digital footprint.

With India witnessing an unprecedented expansion of its digital services, awareness and caution have ceased to be luxuries. They are necessities.