A 79 year old woman in Bengaluru lost nearly ₹35 lakh this year. She had watched a deepfake video of a well known business leader. He promised huge returns on a trading platform. The video looked real. The voice matched. The website looked professional. She was not careless. She was targeted by a machine built to look trustworthy. The Ministry of Electronics and Information Technology, has issued a warning.
CERT-In, CSIRT-Fin and cybersecurity firm SISA joined this warning too. AI powered cyberattacks are becoming a major threat. Banks, financial institutions and insurance companies are all at risk. Their new Digital Threat Report 2025-26 makes this clear. Six of the seven major threats they predicted last year have already come true. AI cyber threats are no longer a future worry. They are already hitting the banking sector.
Customers face the biggest risk here. Fraud, phishing and online scams are rising fast.The Digital Threat Report 2025-26 calls this AI asymmetry. Attackers are moving faster than the people trying to stop them. Old attacks needed a skilled team. They also needed weeks of planning. Now one person can do it. All they need is a laptop and an AI tool.
Also Read Google's Spam Update Just Changed The Rules, Here Is What Indian Banks Need To Know
Why Banks and Financial Institutions Are Facing More AI Cyberattacks?
India now depends heavily on digital payments. UPI handles billions of transactions every month. Millions of people bank from their smartphones. This has made banking faster and easier. But it has also created new risks. Every payment app is a target. Every KYC process is a target. Even customer support calls can be misused. Cybercriminals use these as entry points for AI powered attacks.
AI has also made attacks cheaper. Fraud rings no longer need advanced AI models. Many scams now run on small, open source AI tools. Criminals buy these cheaply on Telegram channels. They run them on ordinary gaming laptops. This has pulled in far more criminals. Banks, NBFCs and insurers now face attacks at a scale that did not exist five years ago.
Also Read RBI Rules Out NBFCs New Rules; What It Means for You?
The Biggest AI Cyber Threats MeitY Has Highlighted
AI powered phishing emails and SMS now sound natural and personal. They often use details scraped from social media. This tricks people into clicking fake bank links.
Credential theft and password attacks are getting faster. AI helps criminals guess or steal login details. This is quicker than old brute force methods.
Cloud security breaches are a growing risk. Most banks now store data on shared cloud platforms. One weak link can expose several institutions at once.
Supply chain attacks target vendors and fintech partners. They do not always hit the bank directly. A single vendor disruption can spread across many institutions at the same time.
AI driven malware and ransomware are evolving too. This malware can now rewrite itself to dodge detection tools. Bank security teams find it harder to catch in time.
Also Read Kotak to Acquire Deutsche Bank India Retail Business: Why This Deal Matters Beyond ₹282 Crore
How You Could Become the Next Target
Account takeover is one of the biggest threats. Cybercriminals steal login details. They use these to access accounts and transfer money. Online payment fraud is rising too. Scammers use fake UPI requests. They also use cloned QR codes to trick people.

Identity theft is another growing concern. Criminals use AI generated documents and fake photos. They create false identities with these tools. Then they open bank accounts in someone else's name.
Fake calls and messages are common now. Some scammers use deepfake voice calls. These calls can sound like bank officials. They can even sound like the RBI Governor. The Reserve Bank of India has already warned people about such fake videos and voice scams.
Insurance and loan fraud is also rising. Criminals use AI generated bank statements. They use fake documents to claim loans or insurance benefits through fraud.
Also Read India’s Banks Are Betting Big on AI — But Only 21% Are Fully Ready
Banks Are Not Sitting Idle. Here Is Their Plan
Banks are using AI to fight back too. Many now have AI powered systems. These systems detect unusual transactions quickly. They alert customers right away. Multi factor authentication is becoming common. This includes OTPs and biometric checks. It applies to internet banking and UPI apps alike.
Banks are also watching transactions in real time. This helps catch suspicious activity early, often before money moves. Cloud security is getting stronger too. Banks are checking third party vendors more closely. They are also training employees regularly. This helps staff spot phishing and other scams faster.
Beyond the Warning: What Got Buried
Most reports stop at listing the threats. One thing gets skipped often. It is the vendor concentration problem. Indian banks, insurers and fintechs often use the same cloud platforms. They also share the same API providers. A single breach at one vendor rarely stays contained. It can spread quietly across dozens of institutions at once. The Digital Threat Report flags this as a growing blind spot.
Another missed angle is deepfake injection. This targets video KYC itself. Fraudsters are not just calling customers anymore. They are compromising devices directly. They inject AI generated faces into live video calls. This defeats the liveness checks banks depend on. These checks are meant to confirm a real human is present. One NBFC reportedly lost between ₹15 crore and ₹20 crore this way. Synthetic bank statements and deepfake KYC videos passed through its system undetected.
There is also a shadow AI problem inside banks. Employees sometimes use unapproved AI tools for daily work. This can leak sensitive customer data by accident. Regulators are only starting to take this risk seriously.
Finally, India has new rules on this front. The IT Amendment Rules 2026 took effect in February this year. They legally define synthetic media for the first time. Platforms must now remove flagged deepfakes within three hours. Few customers know this rule even exists. Yet it directly affects how fast a fraudulent deepfake gets taken down.
Also Read RBI Opens FCNR(B) Swap Window, Banks Seek SBLC Relaxation for NRI Deposits
Why Cybersecurity Is Now Banking's Biggest Bet
Cyber resilience is no longer a side task for banks. It now sits right next to digital growth as a top priority. AI cyber threats in banking will keep evolving. The same AI tools used by attackers are being built into bank defences too. This race is not slowing down.
Customers cannot afford to stay relaxed anymore. A little caution with OTPs, calls and links can save lakhs of rupees. Banks have a clear task ahead too. Cybersecurity must become a shared responsibility. Staff, vendors and customers all play a part. Only then can banks stay safe as AI reshapes financial crime in India.
News4Bharat POV
AI is making banking fraud smarter in India. MeitY says this threat is real. Rising fraud cases and losses back this up. Banking fraud has already cost ₹48,021 crore. Deepfake scams are becoming common too. Banks are upgrading their security systems. But no technology can stop every attack.
Customers need to stay careful too. Always verify a request before sharing an OTP or password. If a call or video feels suspicious, contact your bank directly. AI keeps growing, and so do the tricks criminals use. Staying alert is now part of everyday digital banking.



