India lost Rs. 22,812 crore to cybercrime in 2024. Behind more than 8 out of every 10 phishing attacks was artificial intelligence. The threat is real. The good news is that AI can fight back.
By CyberCheck360 Research Team | May 2025: India’s cybercrime reporting portal received 19.18 lakh complaints in 2024. Total financial losses crossed Rs. 22,812 crore, nearly three times the Rs. 7,496 crore lost in 2023. These are not abstract statistics. They come from ordinary people across India who clicked a link that looked completely legitimate.
What changed so dramatically in one year? One word: AI.
According to the State of AI-Powered Cybercrime Report 2025 by GIREM and Tekion, 82.6% of phishing content targeting Indians last year was generated using machine learning. These sites are not obviously fake. They carry perfect grammar, pixel-perfect design and logos that match the real thing exactly. Even security professionals struggle to tell the difference.
WHY YOUR ANTIVIRUS CANNOT SAVE YOU ANYMORE
Most security tools, including antivirus software and browser warnings, rely on databases of known bad sites. But scammers now create a site, run their fraud for a few hours and delete it before any database has recorded it. This is what cybersecurity professionals call a zero-day phishing threat. Brand new. Unknown to every database. And invisible to every reputation check.
Research from Palo Alto Networks Unit 42 shows that over 70% of newly registered domains are malicious or suspicious, roughly 10 times higher than established domains. Critically, 41% of phishing domains are weaponised within just 14 days of registration. The window between a domain going live and active fraud has collapsed to hours.
Menlo Security’s State of Browser Security Report, published in March 2025, documented a 140% increase in browser-based phishing attacks in 2024, along with a 130% year-on-year rise in zero-hour phishing attacks specifically. SlashNext tracked a 1,265% surge in malicious phishing emails in the year following the public launch of ChatGPT in late 2022. Researchers at IIT Jammu confirmed in 2025 that even users with no technical background can now run complete phishing campaigns using freely available AI tools.
The barrier to cybercrime has not just lowered. It has nearly disappeared.
THE BRANDS SCAMMERS COPY MOST IN INDIA
Fraudsters are not random. They target platforms Indians trust most for money and personal data.
Fake SBI and major bank portals are used to harvest login credentials and OTPs. An RTI disclosure revealed nearly 16,000 cyber fraud incidents at SBI alone between January 2024 and October 2025. Fake IRCTC booking pages are timed deliberately to tatkal rushes and peak travel seasons. Fake UPI payment portals redirected Rs. 2,100 crore in fraud in 2024. Fake government portals impersonating Aadhaar, PAN and income tax services are used to steal identity documents.
The timing of these attacks is deliberate. During a sale, a tatkal rush or an IPO announcement, people move quickly. Scammers count on exactly that.
THREE LAYERS OF PROTECTION, THE LAST ONE BEING AI
CyberCheck360 Link Inspector is a free browser extension built specifically for this threat. It applies three layers of protection to every link clicked, silently and in real time.
The first layer checks every link against global databases of known phishing and malicious URLs at the moment of clicking. The second layer checks the domain’s age, registration details and patterns that are common to fraudulent infrastructure, flagging sites that were registered days or hours ago. The third and final layer uses AI to analyse the actual live page in real time, looking for phishing behaviour that no database has ever recorded. This is the layer that catches zero-day threats, sites that are hours old and completely invisible to every other security tool.
No single tool is enough. Each layer catches what the others miss. Together they protect against the full range of threats targeting Indian users today.
When the extension identifies a site as malicious, it blocks access immediately before any personal or financial information can be entered. The site shown in this example was just 2 days old at the time of blocking. No antivirus, no Google Safe Browsing alert and no reputation blacklist had recorded it. Domain intelligence and AI together caught what everything else missed.
When the extension detects a newly registered domain showing phishing signals, it raises a clear warning in plain language, showing the domain age, the flagged URL and the reason for the alert. The user can choose to go back safely without interacting with the page at all. No technical knowledge is required to understand the warning.
INSTALL IN 30 SECONDS. COMPLETELY FREE.
You cannot always spot a fake site yourself. These sites are built by professionals whose full-time job is to fool you. The only reliable protection is a tool that checks every link before you act on it.
CyberCheck360 Link Inspector takes 30 seconds to install and works silently in the background. There is no account required and no personal data collected. It checks every site visited using reputation checking, domain intelligence and AI, and raises an alert before any damage is done.
The extension is available free at: https://cybercheck360.com/products/browser-extension/
About CyberCheck360
CyberCheck360 helps organisations protect their employees from phishing attacks. If your team receives emails and clicks on links every day, CyberCheck360’s Email Click Protection ensures every single click is checked and dangerous links are blocked before any damage is done. No technical setup needed for employees. No change to how they work. Just silent protection on every click, across the entire organisation.
Learn more at https://cybercheck360.com/email-click-protection/
