SBI Warns Customers About New Scam Message That Can Empty Bank Accounts

Fraudsters are reportedly targeting SBI users with fake YONO SBI and Aadhaar update messages designed to steal banking details.

State Bank of India (SBI) customers have been alerted about a new online scam in which fraudsters are sending fake messages to steal sensitive banking information.

According to reports, cybercriminals are sending SMS and WhatsApp messages claiming that the customer’s YONO SBI app will soon be blocked because Aadhaar or KYC details have not been updated. These messages create panic and urge users to click on a link immediately.

The links included in such messages are fake and may lead to malicious websites or harmful APK files. If downloaded or opened, these can capture login credentials, banking details, OTPs, and other personal information stored on the phone. Once fraudsters gain access, they may attempt unauthorised transactions.

Here’s the scam message received by users

The message circulated online reads,

“Urgent announcement

Dear SBI customer,

This is to inform you that your SBI Yono account will be blocked tonight due to Aadhaar no. is not updated in your account. We regret the inconvenience caused and request you to please install our official SBI Aadhaar update app and kindly update your Aadhaar and proceed your further KYC immediately.”

SBI has advised customers not to trust such messages and never click on suspicious links received through SMS, email, or messaging apps.

The bank has also reminded users that official apps should only be downloaded through recognised app stores. Customers should avoid installing unknown files sent through messages.

Experts say scammers often use fear tactics such as account closure, KYC expiry, blocked UPI access, or suspended banking services to rush people into acting without verification.

To stay safe, customers should carefully verify any banking communication through SBI’s official website, branch, or customer care channels before responding.

Users are also advised to regularly review mobile apps and permissions, keep devices updated, and avoid sharing OTPs, passwords, PINs, or personal details with anyone.

If someone has already clicked a suspicious link or shared sensitive details, they should immediately change passwords, contact their bank, and report the incident through official cybercrime channels.

With digital banking becoming more common, awareness remains one of the strongest protections against such fraud attempts.

Disclaimer: Readers should verify banking alerts only through official SBI channels and never share confidential financial information online.