AI in T-Bank’s Security System Stops 86% of Phishing Attacks
T-Technologies Group, including T-Bank, highlighted the growing role of artificial intelligence in cybersecurity in its 2025 annual report. AI now processes 30% of incidents and blocks 86% of phishing attacks without human involvement.
Over the course of the year, the company repelled more than 400,000 cyberattacks. Its AI-powered antifraud platform protected 1.5 billion rubles (about $20 million) across the accounts of 30,000 clients. The Kibershkval platform checked 373 million websites and identified 12,000 fraudulent pages. Every day, it blocks between 1,500 and 2,000 scam calls.
Resilient Financial Infrastructure
Russian fintech is demonstrating growing maturity in AI-driven security technologies. T-Technologies Group offers an example of industrial-scale AI deployment in cybersecurity. The process covers monitoring, antifraud operations, data protection, compliance, and vulnerability assessment. AI supports analysts while also responding to threats independently. Amid rapid technological expansion, Russia’s cybersecurity market exceeded 400 billion rubles (about $5.3 billion) in 2025, growing by 20% - 25%.
These technologies are reducing risks for bank customers. Expanding AI capabilities already enable rapid fraud detection and stronger phishing protection. Russia is gradually building a more resilient financial infrastructure: over the past year alone, banks prevented 13.9 trillion rubles (about $183 billion) in theft attempts. T-Bank, for example, protected 1.5 billion rubles in 2025.
Scaling Across Russia
AI is likely to become the standard for banking cybersecurity in Russia. It prevents phishing, detects anomalies, analyzes behavior, and protects data. T-Bank’s approach integrates artificial intelligence into product development through a security-by-design model, a strategy gaining traction as digital services expand, fraud schemes become more sophisticated, and the shortage of cybersecurity specialists intensifies. Banks are already using AI to identify suspicious transactions in real time.
Russian technologies could also be exported to partner countries. That would require compliance with regulations governing data exchange and adaptation to local threat environments. In the near term, however, it makes more sense to scale the model domestically, applying AI to secure operations in banking, marketplaces, telecom, and government digital services.
Among the risks tied to these technologies are the quality of AI training data and the use of AI tools by criminals themselves. Incomplete datasets can lead to false account blocks or missed attacks. Fraudsters are already generating phishing campaigns and deepfakes.
The Race for Data and Algorithms
In 2023, Sber’s antifraud system protected 300 billion rubles (about $3.9 billion) for customers with 99.6% effectiveness. In 2024, the bank introduced an AI platform for deep monitoring of its entire IT infrastructure and SOC operations. As with T-Bank, AI technologies evolved beyond blocking suspicious transfers to automatically identifying hidden threats across the bank’s systems.
In 2025, VTB embedded AI into its core infrastructure. The bank deployed more than 300 models for antifraud, AML, and scoring systems using domestic software. That same year, the Bank of Russia reported the growing role of antifraud platforms. Russian banks prevented 13.9 trillion rubles in theft attempts in 2025, turning cybersecurity into a technological race driven by data and algorithms. The industry shift is further reinforced by the Central Bank’s Antidrop platform for sharing information about fraudsters. Individual AI systems developed by banks are now being connected into a nationwide protection infrastructure.
Instant and Invisible Protection
T-Bank’s case confirms that AI, while processing 30% of incidents without human involvement, has become an autonomous layer of protection. Experts believe this share will continue growing over the next several years. Initially, automation will cover standard tasks such as antifraud and phishing defense before expanding into complex response scenarios and unified security platforms.
The market is likely to favor comprehensive systems, forcing smaller banks to purchase ready-made solutions from larger players. For citizens, protection will become instant and nearly invisible, while threats will increasingly be blocked before they cause harm. The main risks will stem from algorithmic errors and disputes over unjustified transaction blocks.
