A surge in fraudulent activities is currently targeting users of the State Bank of India (SBI), aiming to exploit their YONO banking app. Scammers are distributing deceptive messages claiming that the app will be deactivated unless the recipient updates their Aadhaar details immediately.
Nature of the Scam
This scam is being propagated via SMS, WhatsApp, and unsolicited emails, creating a false sense of urgency. The fraudulent messages prompt users to click on harmful links or download unauthorized APK files, which, once installed, allow attackers to gain control over the victim’s device.
The downloaded APK files can facilitate the theft of sensitive information, including banking credentials and personal data, unbeknownst to the user. This method is particularly effective against those unfamiliar with legitimate apps’ distribution channels.
SBI’s Response and Public Alert
SBI’s security team has identified this fraudulent campaign and issued a public alert to caution its customers. The bank has emphatically stated that it never requests Aadhaar updates via APK files or unofficial links. This message was rapidly disseminated to a vast audience through SBI’s official social media platforms.
In addition, India’s Press Information Bureau has debunked these fraudulent claims, labeling them as deliberate attempts to steal personal and financial data.
Protective Measures for SBI Customers
SBI advises its customers to download the YONO app exclusively from the Google Play Store or Apple App Store. It warns against downloading any apps through links provided in unsolicited messages, regardless of how legitimate the message may appear.
Customers are encouraged to disregard any suspicious messages, refrain from sharing sensitive information through unverified channels, and report phishing incidents to SBI’s official email. Reports can also be made to the National Cyber Crime Reporting Portal or helpline.
SBI reassures its customers that it will never request passwords, PINs, CVV numbers, or OTPs through calls or messages. Anyone suspecting their device might be compromised should conduct a full antivirus scan and change all account passwords from a secure device.
By adhering to these guidelines, users can significantly reduce the risk of falling victim to these scams. Staying informed and cautious is crucial in safeguarding personal and financial information from cybercriminals.
