The State Bank of India (SBI), India's largest lender, has issued a warning to its customers regarding phishing scams using multiple modes of communication such as text messages, emails, and tweets. The bank released two numbers with customers to raise awareness about KYC frauds that have been going around and asked them not to respond to any unusual calls. Customers with SBI Debit Cards should also read this.
"Do not engage with these numbers, and don't click on phishing URLs for KYC updates as they aren't associated with SBI," according to a recent tweet from the official SBI Twitter account. Customers of SBI are receiving calls from two numbers: +91-8294710946 and +91-7362951973 requesting that they click on a phishing link to update their KYC. All SBI customers are advised not to click on any phishing/suspicious links."
"We appreciate your alertness and thanks for informing us," the SBI said in response to one of the customer tweets. Our IT Security team will take the necessary steps to address it. Furthermore, we encourage all of our clients not to respond to unsolicited emails, SMS, phone calls, or embedded links requesting personal or banking information such as user ID, password, debit card number, PIN, CVV, or OTP. These details are never requested by the bank. Customers can report phishing, smishing, and vanishing attempts by emailing report.phishing@sbi.co.in or calling the hotline number 1930. They can also report these incidents to their local law enforcement agency."
The Reserve Bank of India (RBI) has taken a number of steps to ensure that consumers are not defrauded. It just released a booklet in which it explains in detail all forms of fraud that happen and how to protect yourself.
Fraudsters create a phishing website that seems like a real website, such as a bank's website, an e-commerce website, a search engine, and so on, according to RBI. SMS, social media, email, and Instant Messenger, among other means, are used by fraudsters to distribute links to these websites.
Many clients provide security credentials such as a Personal Identification Number (PIN), One Time Password (OTP), or Password without first checking the Uniform Resource Locator (URL) which are collected and used by fraudsters.
Phishing happens when imposters posing as bankers, company executives, insurance agents, government officials, and others call or approach customers over the phone or through social media, according to the RBI. To gain trust, imposters reveal a few consumer details, such as the customer's name or date of birth.
Customers may be coerced or tricked into revealing private information such as passwords, one-time passwords (OTPs), PINs, and Card Verification Values (CVVs) by imposters claiming an emergency. Customers are then scammed using that private information.
