Seqrite flags rise in AI-driven impersonation risks across BFSI sector; urges institutions to strengthen identity verification and data protection frameworks
Pune, May 2026: As India’s financial ecosystem becomes increasingly digital and real-time, a new class of threat is beginning to take shape. Deepfake-enabled fraud, powered by artificial intelligence, is emerging as a high-impact attack vector targeting financial institutions, customers, and transaction ecosystems.
Amidst this, Seqrite, the enterprise security arm of Quick Heal Technologies Limited, a global provider of cybersecurity solutions, highlights a growing trend of AI-driven impersonation attacks that leverage synthetic voice, video, and identity manipulation to bypass traditional verification mechanisms.
Unlike conventional fraud attempts, deepfake-based attacks are designed to exploit trust at scale. Attackers can mimic executives, relationship managers, or customers with high accuracy, enabling fraudulent authorisations, account takeovers, and real-time payment manipulation. These attacks are particularly effective in environments where speed of transaction often outweighs verification depth.
Insights from the India Cyber Threat Report 2026, developed by Seqrite Labs, reinforce the urgency of this shift. Between October 2024 and September 2025, Seqrite recorded 265.52 million detections across more than 8 million endpoints, averaging 505 detections every minute, reflecting the relentless pace at which cyber threats are evolving.
The report also highlights that Trojans (~43%) and file infectors (~35%) together account for nearly 70 percent of all detections, with many campaigns relying on social engineering and identity deception to initiate compromise. This behavioural dependency is now being amplified by AI, enabling attackers to execute fraud with greater precision and credibility.
Financial institutions, by design, operate on trust-driven interactions across customers, vendors, and internal systems. Deepfake-based fraud exploits this trust layer, embedding itself within legitimate communication channels such as calls, video verifications, and approval workflows, making detection significantly more complex.
The implications extend beyond financial loss. Under the Digital Personal Data Protection (DPDP) Act, 2023, financial institutions are required to safeguard personal data and ensure secure processing across digital interactions. A deepfake-led breach can lead to unauthorised access, identity misuse, and compliance violations, exposing organisations to regulatory penalties and reputational damage.
Addressing this emerging threat requires a shift from static identity verification to dynamic, behaviour-led validation. Institutions must strengthen multi-layered authentication, deploy anomaly detection across transaction flows, and monitor communication channels for manipulation signals.
In this context, solutions such as Seqrite Digital Risk Protection Service enable organisations to detect impersonation risks across external digital surfaces, while Seqrite Data Privacy supports DPDP readiness through automated data discovery, classification, and governance.
At the user level, Quick Heal AntiFraud.AI, powered by behavioural analytics, plays a critical role in identifying suspicious activity patterns and preventing fraud attempts before execution.
The rise of deepfake-based fraud signals a broader evolution toward cognitive and identity-led cyberattacks. As highlighted in the report, the next phase of threats will be increasingly AI-driven, adaptive, and capable of bypassing conventional controls.
In such a landscape, trust can no longer be assumed. It must be continuously verified.
