, India
174 views
/Tima Miroshnichenko from Pexels

4,800 phishing incidents monthly in India's banks

Banks use GenAI apps at a lower rate than other sectors, likely due to stricter controls.

On average, three out of every 1,000 banking employees click phishing links monthly, equating to over 4,800 incidents in India’s banking workforce alone, Netskope Threat Labs revealed in a new report. 

The report also identified three key threat areas: social engineering, malicious content delivery, and GenAI data security, based on data from various sources and insights from top adversary groups.

Phishing is the leading social engineering tactic, targeting banking employees’ credentials. 

Unlike other sectors where cloud app targeting is common, attackers here deploy fake websites that imitate banking portals to collect sensitive data.

In terms of GenAI data security, regulated data is the most commonly uploaded sensitive data type (46%) in banking, followed by intellectual property (23%) and passwords or keys (20%).

Banks use GenAI apps at a lower rate than other sectors, likely due to stricter controls; 93% of banks restrict at least one GenAI app, versus 77% across industries, with over half implementing data loss prevention (DLP) to limit sensitive information from entering GenAI applications.

Malicious content delivery remains a prominent threat vector, with Russian criminal groups, notably TA577 and Indrik Spider, being the primary actors. 

Malware targeting the industry includes Downloader.SLoad, Infostealer.AgentTesla, Trojan.FakeUpdater, Trojan.Parrottds, and Trojan.Valyria. Approximately one out of every 100 banking employee accesses malicious content monthly.

“The banking industry stands out as being one of the best at controlling the data risks associated with genAI apps. They are more aggressive at blocking apps without a legitimate business purpose and using DLP to control what can be sent to allowed apps,” Ray Canzanese, Director of Threat Labs at Netskope, said in a media release.

“The result has been a more strategic and measured adoption of genAI technology, which results in more secure data. Organisations in other industries can look towards the banking industry as an example of how to successfully control genAI,” Canzanese added.
 

Join Asian Banking & Finance community
Since you're here...

...there are many ways you can work with us to advertise your company and connect to your customers. Our team can help you dight and create an advertising campaign, in print and digital, on this website and in print magazine.

We can also organize a real life or digital event for you and find thought leader speakers as well as industry leaders, who could be your potential partners, to join the event. We also run some awards programmes which give you an opportunity to be recognized for your achievements during the year and you can join this as a participant or a sponsor.

Let us help you drive your business forward with a good partnership!