India is confronting a surge of AI-powered cyber threats that are outpacing traditional security measures, with deepfake scams alone costing the nation nearly ₹3,000 crore (roughly $360 million USD) in losses. As artificial intelligence and large language models become more accessible, criminals are using these tools to create convincing impersonations of executives, family members, and law enforcement officers to steal money and sensitive data. The Indian government is responding by mandating AI-driven defenses, strengthening data protection laws, and requiring organizations to patch vulnerabilities within hours rather than days.

What Are the Most Dangerous AI-Powered Threats Targeting India?

The sophistication of AI-driven attacks has fundamentally changed the threat landscape. Attackers are no longer limited to generic phishing emails; they can now create personalized campaigns at scale, complete with deepfake videos and voice clones that are nearly impossible to distinguish from the real thing.

• Digital Arrest Scams: Criminals use deepfake video calls to impersonate law enforcement officers, demanding money to "settle" fake criminal cases. These scams have collectively cost victims across India nearly ₹3,000 crore according to reports cited in judicial proceedings, including a Supreme Court suo moto petition.
• Financial Fraud Through Compromised Accounts: Indian banks reported over 17,000 fraud cases involving more than ₹36,000 crore during the first nine months of fiscal year 2025-26 (April through December 2025). The government has also blocked over 9.42 lakh (942,000) SIM cards linked to cyber frauds.
• Ransomware Attacks on Critical Infrastructure: Malicious software encrypts an organization's data, with attackers demanding ransom for decryption keys. In May 2026, the "Morpheus" ransomware group exfiltrated over 680 gigabytes of sensitive investor data from HDFC Asset Management, including personal identification numbers, bank details, and portfolio analysis, forcing the company to seek intervention from the Bombay High Court.
• Supply Chain Attacks: Attackers target vendors and software service providers rather than primary targets. By compromising a trusted software update or common service provider, hackers can gain access to thousands of downstream clients, as highlighted by recent concerns about the CBSE's OnMark portal.
• Adversarial Attacks on AI Systems: Cybercriminals use techniques such as prompt injection, data poisoning, and model manipulation to compromise AI systems, generate misleading outputs, bypass security safeguards, or extract sensitive information.

How Is India Strengthening Its Cyber Defenses?

Rather than relying on static security models, India's government agencies are adopting adaptive, AI-enabled defenses that can detect and respond to threats in real time. In May 2026, the Indian Computer Emergency Response Team (CERT-In) released a comprehensive blueprint specifically designed to combat AI-assisted cyberattacks.

CERT-In has advised organizations to patch known vulnerabilities affecting internet-facing and "crown-jewel" systems within 12 hours of being flagged where feasible, a dramatic acceleration from traditional timelines. The National Critical Information Infrastructure Protection Centre (NCIIPC), which acts as the nodal agency for defending sectors essential to national security such as power grids, banking, and telecommunications, has moved from template-based security checks to requiring real-time monitoring.

The Ministry of Electronics and Information Technology (MeitY) has also initiated a four-stage departmental summit to create a national cybersecurity policy architecture for all 36 states and union territories. This effort ensures that citizen data held by state governments, including health records, land records, and welfare databases, is protected as a legal obligation rather than an administrative choice.

What Role Does New Legislation Play in Protecting Citizens?

The Digital Personal Data Protection (DPDP) Act, 2023 represents a fundamental shift in how India approaches cybersecurity. Rather than treating data protection as a "best-effort" commitment, the law turns cybersecurity into a legal mandate for data fiduciaries, making organizations legally responsible for breaches and unauthorized access.

Beyond India's borders, the United States has introduced the Tools to Address Known Exploitation by Immobilizing Technological Deepfakes On Websites and Networks (TAKE IT DOWN) Act, which requires social media platforms to remove reported non-consensual intimate imagery, including AI-generated deepfakes, within 48 hours of receiving a valid complaint. The law also requires platforms to implement systems that prevent previously removed content from being reuploaded.

"The law also requires platforms to implement systems that prevent previously removed content from being reuploaded. This proactive approach shifts responsibility from victims to platforms and establishes a higher standard for content moderation," explained Alexandra Ryabova, Chief Operating Officer of Wizz App.

Alexandra Ryabova, Chief Operating Officer, Wizz App

How Are Social Media Platforms Fighting Deepfakes and Synthetic Content?

Social media companies are adopting a multi-layered defense strategy that combines identity verification, AI-powered moderation, and human oversight. Rather than relying solely on deepfake detection technology, some platforms are using age verification and facial-matching technologies to confirm that users are real individuals and reduce the creation of fake accounts.

Wizz App, a social media platform, permanently bans more than 40,000 accounts each year for failing verification requirements, and approximately 7 percent of age verification attempts are rejected due to authenticity concerns. The company is also developing an internal deepfake detection system specifically designed to identify manipulated profile images.

However, AI moderation systems are not perfect. They can misread context and incorrectly flag legitimate content. For example, a user discussing hair dye was mistakenly flagged for self-harm concerns, highlighting why human oversight remains critical in moderation decisions.

What Does This Mean for Cybersecurity Investment and Innovation?

The urgency of AI-powered threats is driving significant investment in cybersecurity innovation. In June 2026, Boston-based data and AI observability platform Coralogix raised $200 million in a Series F funding round led by Advent, CPPIB, and Greenfield. The company plans to use the funding to accelerate the development of agentic AI capabilities, expand its telemetry data lake architecture, and scale global enterprise expansion.

Pittsburgh-based AI security company Gray Swan raised $40 million in a Series A round led by Wing Venture Capital and Madrona. The company stated that the funding "will accelerate Gray Swan's go-to-market operations, deepen its partnerships with the labs building frontier AI, and scale the team helping the world's leading organizations deploy AI quickly without compromising security".

London-based deepfake-resistant biometrics startup Voxmind secured £547,000 (approximately $736,000 USD) in pre-seed funding led by Ascension Ventures, signaling growing investor confidence in technologies designed to prevent deepfake-based fraud.

The convergence of regulatory pressure, government mandates, and private investment suggests that the cybersecurity landscape is entering a new era where AI-powered defenses are no longer optional but essential. Organizations that fail to adopt adaptive security measures and implement rapid patching protocols risk becoming targets for increasingly sophisticated attacks that can compromise critical infrastructure, steal billions in financial assets, and undermine public trust in digital systems.