#FactCheck - AI-Cloned Audio in Viral Anup Soni Video Promoting Betting Channel Revealed as Fake

March 3rd 2023, New Delhi: If you have received any message that contains a link asking users to download an application to avail Income Tax Refund or KYC benefits with the name of Income Tax Department or reputed Banks, Beware!

CyberPeace Foundation and Autobot Infosec Private Limited along with the academic partners under CyberPeace Center of Excellence (CCoE) recently conducted five different studies on phishing campaigns that have been circulating on the internet by using misleading tactics to convince users to install malicious applications on their devices. The first campaign impersonates the Income Tax Department, while the rest of the campaigns impersonate ICICI Bank, State Bank of India, IDFC Bank and Axis bank respectively. The phishing campaigns aim to trick users into divulging their personal and financial information.

After a detailed study, the research team found that:

• All campaigns appear to be an offer from reputed entities, however hosted on third-party domains instead of the official website of the Income Tax Department or the respective Banks, raising suspicion.
• The applications ask several access permissions of the device. Moreover some of them seek users to provide full control of the device. Allowing such access permission could result in a complete compromise of the system, including access to sensitive information such as microphone recordings, camera footage, text messages, contacts, pictures, videos, and even banking applications.
• Cybercriminals created malicious applications using icons that closely resemble those of legitimate entities with the intention of enticing users into downloading the malicious applications.
• The applications collect user’s personal and banking information. Getting into this type of trap could lead users to face significant financial losses.
• While investigating the impersonated Income Tax Department’s application, the Research team identified the application sends http traffic to a remote server which acts as a Command and Control (CnC/C2) for the application.
• Customers who desire to avail benefits or refunds from respective banks, download relevant apps, believing that the chosen app will assist them. However, they are not always aware that the app may be fraudulent.

“The Research highlights the importance of being vigilant while browsing the internet and not falling prey to such phishing attacks. It is crucial to be cautious when clicking on links or downloading attachments from unknown sources, as they may contain malware that can harm the device or compromise the data.” spokesperson, CyberPeace added.

In addition to this in an earlier report released in last month, the same research team had drawn attention to the WhatsApp messages masquerading as an offer from Tanishq Jewellers with links luring unsuspecting users with the promise of free valentine’s day  presents making the rounds on the app.

CyberPeace Advisory:

• The Research team recommends that people should avoid opening such messages sent via social platforms. One must always think before clicking on such links, or downloading any attachments from unauthorised sources.
• Downloading any application from any third party sources instead of the official app store should be avoided. This will greatly reduce the risk of downloading a malicious app, as official app stores have strict guidelines for app developers and review each app before it gets published on the store.
• Even if you download the application from an authorised source, check the app’s permissions before you install it. Some malicious apps may request access to sensitive information or resources on your device. If an app is asking for too many permissions, it’s best to avoid it.
• Keep your device and the app-store app up to date. This will ensure that you have the latest security updates and bug fixes.
• Falling into such a trap could result in a complete compromise of the system, including access to sensitive information such as microphone recordings, camera footage, text messages, contacts, pictures, videos, and even banking applications and could lead users to financial loss.
• Do not share confidential details like credentials, banking information with such types of Phishing scams.
• Never share or forward fake messages containing links on any social platform without proper verification.

Source : https://www.aninews.in/news/business/business/alert-cybercriminals-target-taxpayers-and-banking-customers-with-phishing-campaign-and-malicious-application20230303182938/

Executive Summary

‍

A video is being widely circulated on social media by Pakistani users as propaganda against the Indian Army. In the video, a man can be seen being beaten by a group of women in the middle of a road. Based on the viral video, it is being claimed that in Phuket, Thailand, Lieutenant General Rajiv Kiran Sahni, DG EME of the Indian Army, was thrashed by "ladyboys" after he allegedly harassed them and refused to pay the full amount.

Research by the CyberPeace Research Wing  found the viral claim to be misleading and baseless. The viral video has no connection with Lieutenant General Rajiv Kiran Sahni (DG EME) of the Indian Army. According to credible media reports obtained during the research, this incident took place in Pattaya, Thailand, in December 2025, where a dispute over payment allegedly broke out between an Indian tourist named Raj Jasuja and some transgender women (ladyboys). Subsequently, the tourist was assaulted.

‍

Claim:

‍

A Pakistani website shared the viral video claiming that Indian Army Lieutenant General Rajiv Kiran Sahni (DG EME) was publicly thrashed in Phuket, Thailand, by ladyboys after he harassed them and refused to pay the full amount.

‍https://dnd.com.pk/indian-lt-gen-rajiv-kumar-sahni-dg-eme-was-thrashed-publicly-in-phuket-after-he-touched-a-ladyboy-without-permission/329732/

‍

‍

‍

Meanwhile, on the social site X (formerly Twitter), a user shared the viral video and wrote, “Indian Army Lt Gen Rajiv Kiran Sahni, DG EME, thrashed by Thai ladyboys in Phuket after harassing them and refusing to pay full amount. They think they can bully and oppress people everywhere like Christians in Manipur, but Thailand showed them the reality.”

‍

https://x.com/uthmanrumi2025/status/2061554209036898369

‍

‍

‍

Fact Check:

‍

To investigate the claim made with the viral video, we conducted a reverse search of the video's keyframes. During this process, we found a report by The Times of India. The report, published on January 4, 2026, stated that “According to 'The Thaiger', an Indian tourist was hospitalized in Pattaya, Thailand. It is alleged that a group of transgender women attacked him following a dispute over payment for escort services. The incident occurred on December 27, when rescue workers from the Sawang Boriboon Foundation received a call around 5:30 AM regarding an injured foreign tourist near the beachside entrance of Walking Street. According to the rescue workers who found the victim, he was identified as 52-year-old Indian national Raj Jasuja. Injury marks were clearly visible on his face and the back of his head. He was given first aid before being taken to the hospital for further treatment. A 19-year-old Thai witness, Pongpol Boonchid, told police and rescue workers that the fight began when Raj was seen arguing with a transgender sex worker near the entry gate of Walking Street. The row escalated as both began chasing and hitting each other. According to the witness, the transgender woman then called several of her friends, who arrived and collectively attacked the Indian tourist. It is believed the fight started over money, as the tourist reportedly did not pay the full amount agreed upon for the services. Raj has not made any public statement regarding the incident.”

‍

https://timesofindia.indiatimes.com/world/rest-of-world/indian-national-raj-jasuja-thrashed-by-transwomen-in-thailand-after-allegedly-refusing-to-pay-for-escort-service/articleshow/126327519.cms

‍

‍

Furthermore, another report by The Indian Express, published on January 5, 2026, stated regarding the incident: “A group of transgender women allegedly beat up an Indian tourist in Pattaya, Thailand, according to a local media report. The dispute reportedly arose over non-payment of fees for sex services. In a viral video from December 27, three transgender women are seen hitting the 52-year-old man with slippers. The situation worsened when the man refused to pay the requested amount and tried to leave the spot in a car. The transgender women accused the man of not paying. Subsequently, he was allegedly kicked and punched, after which emergency responders intervened. According to a report by 'The Thaiger', the man suffered injuries to his face and the back of his head. He was given first aid on the spot and later taken to Pattamaku Hospital for further treatment. A Thai eyewitness told rescue workers that he saw the man arguing with a transgender sex worker near the entrance of the famous 'Walking Street' area. The witness stated that the argument turned into a physical altercation, with both parties reportedly chasing and hitting each other, after which others joined in, turning it into a group attack. According to the report, the witness further claimed the dispute occurred because the Indian tourist allegedly did not pay the full amount fixed for sexual services. Thai police said they would ask the man to file a formal complaint once he fully recovers.”

‍

https://indianexpress.com/article/trending/trending-globally/indian-man-beaten-by-transgender-women-in-pattaya-viral-video-10455877/

‍

‍

Conclusion:

‍

Our research found the viral claim to be misleading and baseless. The viral video has no connection with Lieutenant General Rajiv Kiran Sahni (DG EME) of the Indian Army. According to credible media reports, the incident occurred in Pattaya, Thailand, where in December 2025, an Indian tourist named Raj Jasuja had a dispute over payment with some transgender women (ladyboys), leading to the assault.

‍

Introduction

A 33-year-old MBA graduate and 36-year-old software engineer set up the cybercrime hub in one bedroom. They formed the nameless private enterprise two years ago and hired the two youngsters as employees. The police revealed that the fraudsters moved Rs 854 crore rapidly through 84 bank accounts in the last two years. They were using eight mobile phones active during the day and night for their malicious operations. This bad actors group came in the eyes of the police when a 26-year-old woman filed a complaint, she was lured and cheated for Rs 8.5 lakh on the pretext of making small investments for high returns. It led to cyber crime police on their doorstep. The police discovered that they were operating a massive cyber fraud network from that single room, targeting a large number of people for committing cyber fraud through offering investment schemes and luring innocent people. 

How cybercrime fraudsters lured the victims?

The Bangalore police have busted a cyber fraud scam worth 854 Crore rupees. And police have arrested 6 accused. These bad actors illegally deceived numerous victims on the pretext of investment schemes. The gang used to lure them through WhatsApp and Telegram. Initially, the people were asked to invest small amounts, promising daily profits ranging from 1 thousand to 5 thousand rupees. As the trust grew, thousands of victims indulged in investments ranging from 1 lack to 10 lack rupees. This Money luring modus operandi was used by the fraudsters to attract them and get the victims to invest more and more. The amount invested by the victims was deposited into various bank accounts by the fraudsters. When the victims tried to withdraw their amount after depositing they were unable to do so. Soon after the amount was received, the accused gang would launder the money and divert it to other accounts. 

Be cautious of online investment fraud 

It concerns all of us who used to invest online. The Bangalore police have busted cyber crime or cyber investment fraud of 854 crore rupees. The 6 members of the gang that the police have arrested used to approach victims through WhatsApp and telegram to convince them to invest small amounts, from 1 thousand to 10 thousand at the bare minimum and promising them returns or profit amount per day and later lock this amount and diverting it into different bank accounts, ensuring that those get invested never get access to it again.  Now, this went on in the country receiving a large number of cases that have been registered from various states in the country. 

Advisory and best practices

• It is important to mention that there could be several other cybercrime investment frauds like this that you may not even be aware of. Hence, this incident of massive online investment fraud operated from the IT capital of the country definitely acts as an eye-opener for all of us. We urge people to be cautious and raise the alarm about any such cyber crime or investment fraud that they see in the cyber world today. 
• In the age of the internet, where there is a large number of mobile users in the country, and users look for a source of income on the internet and use it to invest their money, it is important to be aware of such fraud and be cautious and take proper precautions before investing in any such online scheme. It is always advisable to invest only in legitimate sources and after conducting due diligence.
• Be cautious and do your research: Whenever you are investing in any scheme or in digital currency, make sure to verify the authenticity or legitimacy of the person or company who is offering such service. Check the reviews, official website, and feedback from authentic sources. Find out whether the agents or brokers who contact you are licensed to operate in your state and are compliant with regulators or other investors. 
• Verify the credentials: Check the genuineness by checking the licenses, registration and certification of the person or company offering such services, whether he is authorised or not.
• Be Skeptical of offers which seem to be too good: If it sounds too good, be cautious and inquire about its authenticity, such as unsolicited offers. Be especially careful if you receive an unsolicited pitch to invest in a particular company or see it praised online but if you could not find current financial information about it from independent sources. It could be a fraudulent scheme. It is advisable to compare promised yields with current returns on well-known stock indexes.
• Seek Expert Advice: If you are a beginner in online investment, you may seek advice from reliable resources such as financial advisors who can provide more clarity on aspects of investment and guidance to help you make informed decisions.
• Avoid Unreliable Platforms: Be cautious and stick to authorised established agencies. Be cautious when dealing with a person or company lacking sufficient user reviews and credible security measures.
• Protect yourself online: Protect yourself online. Fraudsters target users on online and social marketing sites and commit various online frauds; hence, it's important to be cautious and protect yourself online. So be cautious and make your own sound decision after all analysis while investing in any such services. 
• Report Suspicious Accounts: If you encounter any social media accounts, social media groups or profiles which seem suspicious and engaged in fraudulent services, you must report such profiles to the respective platform immediately.
• Report cyber crimes to law enforcement agencies: A powerful resource available to victims of cybercrime is the National Cyber Crime Reporting Portal, equipped with a 24x7 helpline number, 1930. This portal serves as a centralised platform for reporting cybercrimes, including financial fraud.

Conclusion:

This recent cyber investment fraud worth Rs 854 Crore, orchestrated by a group of fraudsters operating from a single room, serves as a stark reminder of the risks posed by bad actors. This incident underscores the importance of being vigilant when it comes to online investments and financial transactions. As we navigate the vast and interconnected landscape of the internet, it is imperative that we exercise due diligence and employ best practices to protect ourselves. We need to be cautious and protected from falling victim to these fraudulent schemes, actively reporting suspicious accounts and cybercrimes to relevant authorities through resources like the National Cyber Crime Reporting Portal will contribute to helping stop these types of cyber crimes. Knowledge and awareness are some of the biggest factors we have in fighting back against such cyber frauds in this digital age and making a safer digital environment for everyone.

References

• https://www.news18.com/india/bengaluru-cyber-crime-rs-854-crore-84-banks-accounts-fraud-network-one-bedroom-house-yelahanka-karnataka-8618426.html
• https://indianexpress.com/article/cities/bangalore/cyber-crime-bengaluru-links-over-5000-cases-india-8982753/lite/

‍

‍