Seqrite, Quick Heal Technologies’ enterprise security division, released its India Cyber Threat Report 2026 documenting 265.52 million detections across more than 8 million endpoints—an average of 505 threats intercepted every minute. Financial services emerged as a prime target with 1.16 million incidents representing 4.36% of total volume, driven by sophisticated brand impersonation campaigns and cloned customer portals harvesting policyholder data from insurers.
Fake Domains and Trojans Target Insurance Data
Insurance firms faced escalating threats through lookalike domains and counterfeit policy renewal/claim verification sites mimicking legitimate insurer interfaces. These phishing portals solicit policy numbers, personal identification details, OTPs and payment credentials under pretexts of premium adjustments, lapsed renewals or compliance verification. Seqrite telemetry highlighted Android banking Trojans and infostealers employing overlay attacks and real-time session hijacking to capture financial credentials mid-transaction.
Trojans accounted for 88.4 million detections and file infectors 71.1 million, comprising nearly 70% of overall malware activity as gateways to credential theft, remote access and ransomware deployment. Ransomware, though under 1% of detections, delivered peak impact with 185 incidents and over 113,000 alerts in January 2025 alone. Cryptojacking followed at 6.5 million detections.
On-Premise Dominance and Cloud Evasion Tactics
A striking 91% of detections originated from on-premise environments, exposing persistent vulnerabilities in legacy infrastructure and internal networks. Cloud‑adjacent threats shifted toward identity abuse and OAuth token exploitation to sidestep endpoint controls. Digital insurers accelerating self-service portals and API integrations with intermediaries risk exposure of customer records, underwriting documents, medical disclosures and claims data to fraud or regulatory breaches.
Geographically, Maharashtra logged 36.1 million detections, Gujarat 24.1 million and Delhi 15.4 million; Mumbai, Kolkata and New Delhi topped city‑level impacts. Education, healthcare and manufacturing together claimed 47% of total detections.
Privacy Solutions for Evolving Compliance Landscape
Seqrite introduced an indigenous Data Privacy platform and DPDP Act resource hub tailored for Indian enterprises handling sensitive financial and medical information. The firm emphasised that robust data governance underpins customer trust as digital onboarding expands attack surfaces.
