Nearly two in five Indian banks continue to expose customers and employees to elevated risks of email-based fraud due to gaps in email authentication controls, according to new research released by Proofpoint.
The findings are based on a Domain-based Message Authentication, Reporting and Conformance (DMARC) analysis of 80 Indian banks, assessing how effectively institutions are protecting their domains from email spoofing, phishing and impersonation attacks. DMARC is a widely adopted email authentication protocol with three enforcement levels: monitor, quarantine and reject. Of these, “reject” offers the highest level of protection by blocking fraudulent emails before they reach inboxes.
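How these three levels appear in a published DMARC record, shown as an added example that is not part of the article or of Proofpoint's methodology: a small Python classifier that maps the record's `p=` tag to an enforcement level (`p=none` corresponds to the article's "monitor"). The `.example` domains and records are constructed, and the handling of `pct` and of duplicate records follows RFC 7489.

```python
from collections import Counter

def parse_dmarc(txt):
    """Return a tag->value dict for a DMARC TXT record, or None if it is not one."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    if not parts or parts[0].replace(" ", "") != "v=DMARC1":
        return None  # v=DMARC1 must be the first tag of the record
    tags = {}
    for part in parts[1:]:
        name, sep, value = part.partition("=")
        if sep:
            tags[name.strip().lower()] = value.strip()
    return tags

def enforcement_level(txt_records):
    """Classify the TXT records found at _dmarc.<domain>."""
    records = [r for r in map(parse_dmarc, txt_records) if r is not None]
    if len(records) != 1:
        return "no policy"  # zero or several DMARC records: DMARC is not applied
    policy = records[0].get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "no policy"  # missing or unknown p: treated here as unenforced
    if policy == "none":
        return "monitor"    # reports only, no action on failing mail
    pct = records[0].get("pct", "100")
    # pct < 100 applies the policy to only a sample of failing messages
    partial = pct.isdigit() and int(pct) < 100
    return policy + (" (partial)" if partial else "")

def summarize(domains):
    """Count domains per enforcement level."""
    return Counter(enforcement_level(recs) for recs in domains.values())

# Constructed sample data: TXT answers as they might be returned for _dmarc.<domain>
SAMPLES = {
    "bank-a.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@bank-a.example"],
    "bank-b.example": ["v=DMARC1; p=quarantine; pct=25"],
    "bank-c.example": ["v=spf1 -all", "v=DMARC1; p=none"],
    "bank-d.example": ["v=DMARC1; p=reject", "v=DMARC1; p=none"],
}

if __name__ == "__main__":
    for domain, recs in SAMPLES.items():
        print(f"{domain}: {enforcement_level(recs)}")
    print(dict(summarize(SAMPLES)))
```

A record that says `p=reject` can still fall short of full enforcement, which is why the classifier reports a `pct` below 100 and duplicate records separately.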
Strong adoption, uneven enforcement
The analysis shows that while 99% of Indian banks have implemented DMARC in some form, enforcement levels vary significantly:
- 61% have implemented DMARC at the “reject” level, fully blocking unauthorised emails.
- 28% operate at the “quarantine” level, diverting suspicious emails.
- 10% remain at the “monitor” level, which provides visibility but no enforcement.
- 39% of banks therefore do not enforce the recommended strictest DMARC configuration.
According to Proofpoint, this gap leaves millions of customers vulnerable to phishing, business email compromise (BEC) and brand impersonation attacks—threats that have increased alongside the rapid digitisation of India’s financial services sector.
Rising impact of cyber-enabled financial fraud
India has seen a marked rise in cyber-enabled fraud, particularly schemes driven by phishing emails and impersonation attacks. Official figures indicate that reported cyber fraud losses reached approximately ₹36.45 lakh on the National Cyber Crime Reporting Portal as of 28 February 2025, underlining the growing impact of digital fraud on individuals and institutions.
Bikramdeep Singh, India Country Manager at Proofpoint, said the banking sector has reached a critical inflection point as digital adoption accelerates. While progress has been made in email authentication, he noted that gaps in enforcement continue to leave customers exposed to increasingly sophisticated attacks.
Recommended actions for organisations
Proofpoint recommends that organisations strengthen both technical controls and user awareness by:
- Verifying the authenticity of all email communications, particularly messages impersonating trusted brands or internal stakeholders
- Exercising caution around emails requesting login credentials or threatening account suspension
- Adopting phishing-resistant multi-factor authentication, such as passkeys
The analysis was conducted in January 2026, using publicly available data from domains associated with banks regulated by the Reserve Bank of India.
The findings highlight that while Indian banks are broadly aware of email-borne threats, consistent enforcement of advanced authentication standards remains critical to reducing fraud risk and protecting customer trust in an increasingly digital financial ecosystem.