How to protect yourself from SBI KYC Smishing and Phishing SMS Attack?

Do not click any links or share personal information Block and report the sender immediately Report at cybercrime.gov.in or call 1930 Inform your bank if financial details were shared

SBI KYC Smishing and Phishing SMS Attack

Verdict: Suspicious | Risk Score: 8/10 | Severity: high

Category: KYC, Phishing, OTP

How SBI KYC Smishing and Phishing SMS Attack Works

Overview: This fraud preys on SBI account holders with alarming SMS notifications warning of "KYC expiry" or imminent "account blockage." Victims, worried about losing access, are lured into clicking malicious links that lead to phishing pages designed to steal their account credentials and personal data. How It Works: Scammers mass-send SMS claiming to be from SBI, stating that your account is at risk of suspension due to outdated KYC or missing information. The message includes a link, often mimicking official channels, that leads to a fake website or downloads malware. This site prompts victims to enter information such as user ID, password, Aadhaar/PAN, mobile number, and sometimes even ATM card or OTP codes. All this data is transmitted in real-time to the attacker, who uses it for unauthorized account access or further social engineering. In sophisticated versions, clicking the link downloads a malicious APK app that compromises your device, letting criminals intercept messages or remote-control your phone. India Angle: SBI, as India’s largest bank, is specifically targeted because of its massive urban and rural customer base. Scams have been reported from West Bengal, Maharashtra, Andhra Pradesh, and major metros. Retired individuals, pensioners, and less digitally aware account holders are at highest risk, along with young adults unfamiliar with modern digital banking safety practices. Real Examples: SMS example: "Dear Customer, your SBI account will be blocked today. Update your KYC immediately: http://secure-sbiinfo.co/KYCupdate. Contact branch if you have questions." On clicking, the page asks for full account and card details, while in the background, your credentials are stolen. Red Flags: - Unsolicited SMS urging urgent KYC updates, especially with threats of account block - Links leading to domains different from sbi.co.in or sbi.com - APK downloads offered via links in messages - Requests for full ATM card number, PIN, or OTP on a website Protective Measures: - Never click links in SMS or email for KYC or account updates; always visit the official SBI website or app - Do not enter personal or banking details on unverified sites - Delete such messages and report them to the bank - Enable two-factor authentication on platforms where possible If Victimised: - Contact SBI customer care and freeze your account/card - Call 1930 and file a complaint at cybercrime.gov.in - Change your SBI netbanking password immediately - Watch for unexpected transactions and inform the bank of suspicious activity Related Scams: - New account opening fraud (collecting personal data via SMS) - Pension scam targeting elderly SBI customers - Fake branch call centre impersonation attacks

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does SBI KYC Smishing and Phishing SMS Attack Target?

General public across India

Red Flags — How to Identify SBI KYC Smishing and Phishing SMS Attack

SMS warning of account blockage or KYC expiry
Links to domains not ending in sbi.co.in
Prompt for ATM card, PIN, or OTP details
APK downloads promoted in the message

What To Do If You Encounter SBI KYC Smishing and Phishing SMS Attack

Do not click any links or share personal information
Block and report the sender immediately
Report at cybercrime.gov.in or call 1930
Inform your bank if financial details were shared

How to Report SBI KYC Smishing and Phishing SMS Attack in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What is SBI KYC Smishing and Phishing SMS Attack?: Overview: This fraud preys on SBI account holders with alarming SMS notifications warning of "KYC expiry" or imminent "account blockage." Victims, worried about losing access, are lured into clicking malicious links that lead to phishing pages designed to steal their account credentials and personal data. How It Works: Scammers mass-send SMS claiming to be from SBI, stating that your account is at risk of suspension due to outdated KYC or missing information. The message includes a link, often
How does SBI KYC Smishing and Phishing SMS Attack work?: Overview: This fraud preys on SBI account holders with alarming SMS notifications warning of "KYC expiry" or imminent "account blockage." Victims, worried about losing access, are lured into clicking malicious links that lead to phishing pages designed to steal their account credentials and personal data. How It Works: Scammers mass-send SMS claiming to be from SBI, stating that your account is a
How to protect yourself from SBI KYC Smishing and Phishing SMS Attack?: Do not click any links or share personal information Block and report the sender immediately Report at cybercrime.gov.in or call 1930 Inform your bank if financial details were shared
How to report SBI KYC Smishing and Phishing SMS Attack in India?: Report to cybercrime.gov.in or call 1930 (National Cyber Crime Helpline). You can also contact your local police station's cyber cell.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.