Cyber Crooks Are Getting Smarter — And AI Is Their New Best Friend

The report shows a major jump in phishing and Business Email Compromise (BEC) attacks — many now boosted with deepfakes and AI chatbots. In the first half of 2024 alone, phishing incidents in India shot up by 175%. Attackers are no longer just sitting on keyboards — they’re using AI to mimic your boss, spoof bank officials, and steal OTPs mid-conversation.

One example in the report talks about a reward point scam where 250 points were jacked up from ₹4,000 to ₹4 lakh using API loopholes. Another case shows insider fraud where someone quietly drained funds from dormant accounts for two years.

Supply Chain Is the New Weak Link

The report also flags rising ransomware threats, cloud data leaks, and weak APIs that allow fraudsters to ride free on legitimate payment flows.

Hackers aren’t just going after banks directly. They’re slipping in through backdoors — third-party software vendors, cloud misconfigurations, and even hardware wallets. There’s a case where a Trezor wallet (outside India) got cracked wide open using something called “fault injection” — basically, a hacker tricked the device into spilling ₹16 crore worth of crypto.

“Cybersecurity is not just about protecting one bank,” said CERT-In’s Dr Sanjay Bahl. “It’s about safeguarding the whole ecosystem.”

This isn’t about buying another antivirus or fancy firewall. It’s about teamwork — between regulators, banks, software vendors, and even customers. Everyone’s part of this digital chessboard.

Read More:

TPV launches 5 new Philips audio products in India