PIB flags fake SBI YONO message urging Aadhaar update. warns customers against phishing scam
New Delhi, March 22
The Press Information Bureau has flagged a fake message circulating on social media that claims State Bank of India's YONO app accounts will be blocked if users do not update their Aadhaar details immediately.
The purported message instructs recipients to download an APK file titled "SBI KYC AADHAR UPDATE" and install it to avoid disruption of services.
The warning, which appears to be a phishing attempt, is designed to mislead account holders into sharing sensitive banking and personal information.
PIB Fact Check clarified that such messages are fraudulent and not issued by the SBI. The official X handle of SBI has also confirmed that the bank does not require customers to download APK files for Aadhaar updates.
In the fake message, users are allegedly addressed as "Dear SBI customer" and are informed that their YONO account will be blocked due to incomplete Aadhaar details. They are then urged to download the APK file to complete the update. However, experts warn that downloading such files from unverified sources could compromise the security of smartphones and lead to unauthorised access to personal and financial data.
"Customers should be extremely cautious and avoid downloading apps from unknown links or APK files shared through emails, SMS, or WhatsApp," PIB Fact Check advised. "Do not share personal, banking, or Aadhaar-related information with unverified sources."
The SBI has also set up a dedicated email - report.phishing@sbi.co.in - where customers can report suspicious messages. Cybersecurity analysts recommend that users always verify messages through official bank channels or apps before taking any action.
This incident highlights the growing trend of phishing attacks targeting banking customers, particularly through messaging platforms like WhatsApp. Authorities urge vigilance as such scams often exploit fear of account suspension to trick users into sharing sensitive information.
With the rise of digital banking and the widespread use of apps like YONO, users are advised to remain alert to unsolicited messages and rely only on verified updates from official channels.
— IANS
Reader Comments
As someone who works in cybersecurity, I see these phishing attempts daily. The "urgency" tactic is classic. Never, ever download an APK from a message. Always go to the official app store or bank website. Good on SBI for setting up a reporting email.
The problem is these messages look so genuine! They use the SBI logo and everything. Banks and the government need to run more awareness campaigns on TV and radio, especially in regional languages. Not everyone is tech-savvy.
I appreciate the warning, but honestly, the authorities need to do more than just issue alerts. They should track and shut down the numbers/accounts spreading this malware. The fear of account blocking works every time on common people.
Simple rule: Your bank will NEVER send you a link to download an app directly. Any KYC or Aadhaar update happens within their secure app or at the branch. Forwarding this article to my family group right now. 👍
It's a global issue, but the scale in India is massive due to the rapid digital adoption. The "Dear Customer" greeting is a huge red flag—legitimate banks use your name. Stay safe, everyone.
We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.