Fraudsters posing as bank officials use fake PPO verification messages, links and calls to hijack accounts; SBI urges customers not to share OTP, PIN or login credentials under any circumstance.
As digital payments continue to expand across the country, cybercriminals are increasingly devising sophisticated techniques to exploit unsuspecting customers. In a fresh alert, the State Bank of India (SBI) has warned its customers—especially government pensioners—against a rising trend of fraud linked to mobile number modification and pension verification.
According to SBI, cybercriminals are now targeting pensioners by misusing the Pension Payment Order (PPO) verification process. Pensioners frequently undergo compliance formalities, making them more vulnerable to fear-based manipulation by scammers claiming urgency or legal consequences.
Algoritha Prepares You for Seamless DPDP Compliance — Contact Us for Complete Implementation Support
The Modus Operandi: How the Fraud Works
The bank has highlighted that the scam begins with a call or text message from someone impersonating a bank officer or government official. The communication typically contains statements such as:
- “Your PPO verification is pending.”
- “Your pension will be stopped if verification is not completed.”
- “Your bank account may be blocked due to a mobile number mismatch.”
Victims are then sent a link and instructed to update their mobile number or complete verification immediately. In several reported cases, fraudsters ask for confidential details such as OTP, net banking credentials, debit card PIN or Aadhaar-linked information.
SBI has categorically clarified that it never seeks PPO verification, mobile number update approval, or account confirmation through calls, links, text messages or WhatsApp.
Behind the Scam: What Happens Next
Cybersecurity analysts suggest that this pattern closely resembles a SIM Swap–linked scam, where the ultimate goal is to take control of the customer’s registered mobile number.
Once the victim clicks the malicious link or shares confidential details, scammers:
- Harvest personal and financial credentials
- Gain unauthorized access to banking applications
- Initiate fraudulent transactions and transfer funds
The fraudsters’ primary objective is to replace the customer’s registered mobile number with their own, thereby gaining full control over banking authentication messages.
Safety Measures for Customers
To help prevent such incidents, SBI has issued a set of essential guidelines:
- Do not share OTP, password, PIN, CVV, customer ID or net banking credentials with anyone.
- Avoid clicking on unknown or suspicious links—even if they appear official.
- Download or update banking applications only through Google Play Store or Apple App Store.
- In case of confusion, contact the home branch or call SBI customer care at 1800-1234 / 1800-2100.
- Report suspected cybercrime cases immediately through the National Cyber Helpline 1930 or the portal cybercrime.gov.in.
- Read SMS alerts carefully and verify account-related messages before acting.
The bank has also informed customers that calls beginning with 1600 are genuine and part of SBI’s official communication system.
Final Advisory from SBI
Reinforcing its warning, SBI stated:
“Your registered mobile number is the key to your bank account. Protect it and do not allow any unauthorized person to access or modify it.”
The Bottom Line
With banking services digitizing rapidly, convenience has increased—but so have risks. Experts say that safeguarding personal information is now as important as safeguarding money itself.
One wrong click or misplaced trust can result in significant financial loss, especially for senior citizens and pensioners who remain key targets for fraudsters.
The message remains clear: Stay alert, stay aware—and never share confidential banking information with anyone.
