The State Bank of India (SBI) has alerted its customers on the KYC (Know Your Customer) fraud.
The bank said that the fraud is real, and it has proliferated across the country. Alerting its customers, SBI tweeted “KYC fraud is real, and it has proliferated across the country.
Cases of the KYC scams have been rising ever since SBI decided to permit acceptance of documents for updating customers’ information through post in the wake of difficulties faced by customers due to COVID-19 lockdowns.
The fraudster sends a text message/ WhatsApp/email message asking customers to update their KYC information via a malicious link in the message by pretending to be a bank/company representative to get your personal details.”
Clicking the link redirects customers to a fake web page, which looks exactly like the original SBI website. Here, one is asked to enter their banking details such as username and password.
Customers are also asked to enter an OTP (one-time password) from the bank – hackers use this OTP and the banking credentials to transfer money from the customers’ accounts.
Fraudsters have also been calling customers, asking them to provide sensitive KYC details and share OTPs.
The bank has asked its customers to take the following steps for their safety:
Do not share any sensitive KYC details over the phone, messages or emails.
Think before you click any link received via SMS/WhatsApp or as an email attachment. Banks never send any links to update KYC.
If you do open a link, pay close attention to the URL and check of it is different from the original one. To access SBI’s original website, click here.
Don’t share sensitive data like your username, password, phone number or OTP with anyone.
Avoid downloading any apps that claim to help with bank KYC.
SBI has also asked its customers to stay cautious and immediately report any unauthorised transactions made in their bank accounts.
You can report any unauthorised transaction in your bank account to SBI’s toll-free customer care numbers -18004253800 and 1800112211. Customers must also file a complaint with the cybercrime department immediately.