Bengaluru, February 4, 2026: Proofpoint, Inc., a global cybersecurity and compliance company, has released new research highlighting significant cybersecurity gaps within India’s banking sector, warning that millions of customers remain exposed to email-based fraud and impersonation attacks.
According to Proofpoint’s analysis of 80 local banks in India, nearly two in five banks (39%) are still not enforcing the strongest email authentication standards, leaving customers, employees, and stakeholders vulnerable to phishing, business email compromise (BEC), and brand impersonation scams.
The findings are based on an assessment of Domain-based Message Authentication, Reporting, and Conformance (DMARC), an email validation protocol designed to prevent cybercriminals from misusing legitimate domain names. DMARC operates across three levels of protection — Monitor, Quarantine, and Reject — with Reject providing the highest level of security by blocking suspicious emails before they reach inboxes.
Proofpoint’s research reveals that while 99% of Indian banks have implemented some form of DMARC, only 61% have adopted the strictest “Reject” policy, fully safeguarding customers from fraudulent emails. Meanwhile, 28% operate at the Quarantine level, and 10% remain at the basic Monitor level, indicating uneven cybersecurity maturity across the sector.
The report comes amid a sharp rise in cyber-enabled financial fraud in India. Official data from the National Cyber Crime Reporting Portal shows financial losses of approximately ₹36.45 lakh due to cyber fraud as of February 2025, underlining the growing threat posed by email-driven scams and digital impersonation.
Bikramdeep Singh, India Country Manager at Proofpoint, stated that India’s banking ecosystem is at a critical turning point as digital adoption accelerates. He noted that while progress has been made in strengthening email authentication, gaps remain that cybercriminals continue to exploit, potentially eroding customer trust and financial security.
Proofpoint has urged banks and organizations to strengthen cybersecurity frameworks by enforcing stricter DMARC policies, verifying email authenticity, adopting phishing-resistant multi-factor authentication such as passkeys, and raising awareness about fraudulent communications requesting sensitive information.
The report underscores the urgent need for stronger cybersecurity defenses, regulatory vigilance, and customer awareness to safeguard India’s rapidly expanding digital banking ecosystem from evolving email-based threats.
Elets The Banking and Finance Post Magazine has carved out a niche for itself in the crowded market with exclusive & unique content. Get in-depth insights on trend-setting innovations & transformation in the BFSI sector. Best offers for Print + Digital issues! Subscribe here➔ www.eletsonline.com/subscription/
