Cyber threats have become an immediate and inescapable reality for India’s banking, financial services and insurance (BFSI) industry.
In 2024, the sector witnessed a surge in the sophistication, scale, and diversity of cyberattacks, with phishing attacks, deepfakes and tech vulnerabilities emerging as key threat vectors and attack techniques, according to a new report by the Indian Computer Emergency Response Team (CERT-In), the Computer Security Incident Response Team in Finance sector (CSIRT-Fin), and SISA, a cybersecurity solutions company from India.
Phishing attacks surge
In H1 2024, cybersecurity firm Kaspersky recorded more than 135,000 phishing attacks targeting India’s financial sector. The number represents a 175% surge compared to the same period the prior year, underscoring the heightened activity within an increasingly volatile threat landscape.
Financial phishing refers to cyberattacks that target users of online banking, payment systems, and e-commerce platforms, aiming to steal sensitive financial data. These attacks often involve fraudulent communication, where cybercriminals impersonate legitimate institutions like banks, payment providers, or even well-known online retailers.
Kaspersky attributes their surge in India to the ongoing digital transformation, and rapid adoption of digital banking, e-commerce and payment platforms in the country.
India is one of the largest and fastest-growing fintech markets in the world. The country boasts more than 9,000 entities, ranking third globally, according to the National Payments Corporation of India. Furthermore, adoption rate of fintech stands at an impressive 87%, well above the global average of 67%.
In 2024, India’s fintech market was estimated to be valued at around US$110 billion. By 2029, it’s projected to reach a remarkable US$420 billion, growing at an annual growth rate of 31%.
The rise of AI
The report also identifies artificial intelligence (AI) as a growing trend in the Indian cybercrime landscape. with attackers increasingly leveraging AI to make identity-based attacks more sophisticated and pervasive.
Generative AI (genAI) models, for example, are used to produce personalized content that exploits specific information about targets, increasing the likelihood of deceiving recipients into revealing sensitive information or clicking on malicious links.
A particularly alarming development is the emergence of highly advanced AI-powered chatbots designed specifically to assist in social engineering attacks. These chatbots leverage AI with natural language processing (NLP) capabilities to engage potential victims in seemingly benign conversations, subtly extracting credentials or sensitive data over time.
The surge of deepfakes
The rise of AI has also led to a surge in deepfake attacks. The technology is enabling large scale impersonation scams, including executive-level business email compromise (BEC) attacks and misinformation campaigns. These advanced impersonations, which use convincing AI-generated audio and video, trick users into revealing multi-factor authentication (MFA) codes or approving unauthorized authentication requests.
India is experiencing a rise in deepfake identity fraud, with cases surging by 550% since 2019. Losses are projected to reach INR 700 billion (US$8.3 billion) in 2024 alone.
Finance is among the sectors most affected by the trend, with deepfake-based identity theft and fraudulent video know-your-customer (KYC) processes, in particular, rising to prominence.
Approximately 1.1 million video KYC calls are conducted daily in India, with an alarmingly high spoofing rate of 86%.
In 2025, the report expects AI-driven cyber attacks to become one of the most scalable and adaptable threats, challenging traditional defenses and requiring innovative countermeasures.
Credential theft: a key attack vector
Credential theft is highlighted as one of the most effective tactics for attackers to breach organizational networks. These credentials are acquired through phishing, information stealing malware, or dark web purchases, targeting usernames, passwords, and session cookies that bypass MFA.
They grant access to critical systems like single sign-on platforms, virtual private networks (VPNs), email accounts, and software-as-a-service (SaaS) applications. Many SaaS platforms include client-specific information in URLs, compounding the risk by exposing sensitive data when combined with compromised credentials.
Security gaps and vulnerabilities
Misconfigured cloud environments and insufficient security controls are another critical weakness. Common vulnerabilities include poor access controls, the lack of MFA, delayed security patches, and mismanagement of privileged accounts.
Application program interfaces (APIs) are also frequent targets. Threat actors frequently exploit weaknesses in API authentication such as hardcoded API keys, credential reuse across environments, and predictable patterns to breach systems, often with devastating results.
The 2025 Verizon Data Breach Investigations Report underscores the continued rise in vulnerability exploitation. In 2024, the exploitation of vulnerabilities as a primary method of initial access accounted for 20% of data breaches, marking a 34% increase from 2023.
The soaring cost of data breaches
The cost of cyberattacks and data breaches has consistently risen over the years. In 2024, the average cost of a data breach reached an all-time high of US$4.88 million globally, a 10% increase from 2023, according to IBM’s Cost of a Data Breach Report 2024. In India, that amount stood at US$2.35 million in 2024, up 7.8% year-over-year (YoY).
For financial industry enterprises, costs are even higher. These organizations spent US$6.08 million dealing with data breaches last year, which is 22% higher than the global average. The amount places the sector second after healthcare in breach-related expenses.
Malicious attacks remained the top attack vector in finance in 2024, at 51%, but IT failures and human error accounted for one-fourth of all attacks, coming in at 25% and 24%, respectively.
Featured image: Edited by Fintech Singapore, based on images by whoisdanny and EyeEm via Freepik
