A new cyber fraud method has come to light in which fraudsters are allegedly using AI-generated videos and fake biometric verification to change mobile numbers linked to Aadhaar cards. Cyber experts say this could allow criminals to gain access to OTPs, bank accounts, UPI apps and other digital services connected to Aadhaar. The Cyber Crime Branch has issued an advisory after several complaints surfaced. Cyber police officials and experts explained how fraudsters are targeting people through fake interviews, video KYC and data leaks. Woman targeted through fake online interview A 28-year-old woman from Jaipur received an online interview link for a job at a private company. During the video interview, she was first asked routine questions. Later, the interviewer told her that face verification was necessary for the selection process. She was asked to turn her face at different angles, blink repeatedly and look at the screen for a few seconds. After the interview, she received no response from the company. A few days later, she started receiving messages related to e-KYC and digital wallet activation. She then approached cyber police. Investigation revealed that attempts had allegedly been made to open a fake digital account in her name. Cyber experts suspect that the video and facial data recorded during the interview were used to create AI-based face cloning or deepfake models. These can allegedly be used to bypass Aadhaar verification systems. How fraudsters collect personal data Cyber criminals first gather Aadhaar numbers, photographs, mobile numbers and other personal details through social media, fake KYC calls, leaked databases and fake interviews. Experts said many people unknowingly share personal information publicly on platforms like Facebook and Instagram, making them easy targets. Officials said Aadhaar mobile number updates can only be done through Common Service Centres (CSC), which are government-authorised facilities for Aadhaar-related services. However, investigations found that some fraudsters allegedly misuse CSC systems through stolen logins, fake agent networks or collusion with operators. How Aadhaar mobile numbers are changed Under the normal process, a user visits a CSC to update the mobile number linked to Aadhaar. The operator logs into the system and verifies the person through biometric authentication using fingerprint or iris scan. During iris verification, users are asked to blink so that the system can confirm live presence. According to cyber experts, fraudsters now allegedly use AI tools to create realistic videos showing blinking eyes and matching iris movements from a person’s photograph. These AI-generated videos can reportedly fool face authentication systems. Experts describe this technique as “face or iris spoofing”. Risk after Aadhaar-linked number is changed ADG Cyber Crime VK Singh said that if criminals succeed in changing the mobile number linked to Aadhaar, they can gain access to OTPs, banking services, DigiLocker and e-KYC systems. This can allow fraudsters to access services linked to Aadhaar, including email accounts, bank accounts and UPI apps such as Google Pay and PhonePe. Officials warned that cyber fraud money can then be transferred through these accounts without the real user immediately noticing. Fake Aadhaar racket busted in Rajasthan On April 17, 2026, Rajasthan ATS and Hanumangarh Police raided an illegal Aadhaar enrolment centre in Bhadra town and uncovered a fake Aadhaar racket. Main accused Kuldeep Sharma, 28, was arrested from the spot. Investigators said the gang allegedly used edited photos, fake biometrics and AI-based digital manipulation to bypass Aadhaar security systems. Later, DoIT department programmer Dinesh Kumar, assistant programmer Ramnivas Soni and contractual employee Ravi Sheela were also arrested in connection with the case. Advisory issued for Aadhaar safety ADG Cyber Crime VK Singh advised people to regularly check Aadhaar authentication history, avoid unknown face scans and be cautious during video KYC processes. Cyber Crime DIG Shantanu Singh said people should stay alert and immediately report suspicious activity to the National Cyber Helpline 1930 or the nearest cyber police station. Complaints can also be registered on the cyber crime portal.