The Agency for Regulation and Development of the Financial Market of the Republic of Kazakhstan published consumer-facing guidance warning that deepfakes are being used to facilitate cyberattacks and the theft of citizens’ confidential data, including in financial fraud. It explains that artificial intelligence can be used to generate or alter photos, videos and audio, and that some services can create deepfake content from as little as a single video or a few seconds of voice. The notice sets out common fraud scenarios, including impersonation to gain access to bank accounts, obtain fraudulent credit, or mimic calls from relatives, managers or bank employees, and it warns that images of senior officials and financial-sector leaders may be misused to build trust. It lists indicators of deepfakes and social-engineering tactics such as rushed requests, discouraging call-backs, and demands for secrecy, and it cautions against investment offers that redirect users to fake websites to submit personal data and transfer small amounts. The agency also notes that requirements are in place for financial organisations to apply two-factor authentication, with mandatory use of biometrics as a key factor, when providing remote services to clients, alongside ongoing measures to support information security including the cybersecurity of financial organisations’ mobile applications.
Agency for Regulation and Development of the Financial Market of the Republic of Kazakhstan 2026-03-13
Agency for Regulation and Development of the Financial Market of the Republic of Kazakhstan issues deepfake fraud alert and highlights mandatory biometric two-factor authentication
Kazakhstan's Financial Market Agency warned of deepfakes in cyberattacks and fraud. The notice outlines scenarios like impersonation for bank access and fraudulent credit, highlighting rushed requests and secrecy demands. It emphasizes two-factor authentication and biometrics in remote financial services to enhance cybersecurity.