4,800 phishing incidents monthly in India's banks

Banks use GenAI apps at a lower rate than other sectors, likely due to stricter controls.

On average, three out of every 1,000 banking employees click phishing links monthly, equating to over 4,800 incidents in India’s banking workforce alone, Netskope Threat Labs revealed in a new report. 

The report also identified three key threat areas: social engineering, malicious content delivery, and GenAI data security, based on data from various sources and insights from top adversary groups.

Phishing is the leading social engineering tactic, targeting banking employees’ credentials. 

Unlike other sectors where cloud app targeting is common, attackers here deploy fake websites that imitate banking portals to collect sensitive data.

In terms of GenAI data security, regulated data is the most commonly uploaded sensitive data type (46%) in banking, followed by intellectual property (23%) and passwords or keys (20%).

Banks use GenAI apps at a lower rate than other sectors, likely due to stricter controls; 93% of banks restrict at least one GenAI app, versus 77% across industries, with over half implementing data loss prevention (DLP) to limit sensitive information from entering GenAI applications.

Malicious content delivery remains a prominent threat vector, with Russian criminal groups, notably TA577 and Indrik Spider, being the primary actors. 

Malware targeting the industry includes Downloader.SLoad, Infostealer.AgentTesla, Trojan.FakeUpdater, Trojan.Parrottds, and Trojan.Valyria. Approximately one out of every 100 banking employee accesses malicious content monthly.

“The banking industry stands out as being one of the best at controlling the data risks associated with genAI apps. They are more aggressive at blocking apps without a legitimate business purpose and using DLP to control what can be sent to allowed apps,” Ray Canzanese, Director of Threat Labs at Netskope, said in a media release.

“The result has been a more strategic and measured adoption of genAI technology, which results in more secure data. Organisations in other industries can look towards the banking industry as an example of how to successfully control genAI,” Canzanese added.