Proofpoint, Inc., a leading cybersecurity and compliance company, today released new research identifying that almost two in five (39%) of Indian local banks are lagging behind on basic cybersecurity measures, subjecting customers, staff, and stakeholders to a higher risk of email-based impersonation attacks.
These findings are based on a Domain-based Message Authentication, Reporting, and Conformance (DMARC) analysis of 80 local banks in India. DMARC is an email validation protocol designed to protect domain names from being misused by cyber criminals. It authenticates the sender’s identity before allowing a message to reach its intended destination. DMARC has three levels of protection – monitor, quarantine, and reject, with reject being the most secure for preventing suspicious emails from reaching the inbox.
In recent years, India has experienced a significant surge in financial losses due to cyber-enabled fraud, including schemes driven by phishing emails, business email compromise (BEC), and brand impersonation. Official data shows that total losses from cyber fraud reached approximately ₹36.45 lakh reported on the National Cyber Crime Reporting Portal (NCRP) as of 28 February 2025. These figures illustrate the growing impact of email-based and other digital frauds on individuals and institutions, underscoring the need for enhanced cybersecurity measures, public awareness, and robust regulatory action.
“India’s banking sector stands at a critical inflection point. As our digital economy accelerates, cybercriminals are exploiting email to impersonate trusted banks and defraud customers,” said Bikramdeep Singh, India Country Manager, Proofpoint. “While Indian banks have made strong progress in email authentication, significant gaps remain that leave millions vulnerable to sophisticated phishing attacks. Proofpoint is committed to partnering with financial institutions to close these gaps and protect customer trust with the strongest possible safeguards.”
Proofpoint’s analysis shows that 99% of Indian banks have implemented a certain level of DMARC. Amongst them, 61% have adopted the strictest level of DMARC protection (Reject), which completely blocks fraudulent emails before they reach customers. However, it is concerning to see two in five (39%) Indian banks are still failing to strengthen their defences against email-based threats, which represents a significant vulnerability.
The full findings of Proofpoint’s DMARC analysis of India’s leading banks show:
- 39% of banks currently do not enforce the recommended strictest Reject level of DMARC implementation.
- 99% of the banks implement some form of DMARC, yet the DMARC policy levels employed vary as follows:
- 61% use DMARC – Reject (the highest level of protection).
- 28% use DMARC – Quarantine.
- 10% use DMARC – Monitor.
Proofpoint recommends that organisations follow these best practices:
- Check the validity of all email communication and be aware of potentially fraudulent emails impersonating trusted brands, colleagues, suppliers, and stakeholders.
- Be cautious of any communication attempts that request login credentials or threaten to suspend service or an account if a link isn’t clicked.
- Adopt phishing-resistant multifactor authentication, such as passkeys.
