A suspected cyber-enabled banking fraud involving the State Bank of India has raised serious concerns over banking security in Etah district, after a retired government employee alleged that fraudsters, in suspected collusion with bank personnel, siphoned ₹4.49 lakh from his savings account through 95 separate online transactions. The complainant further alleged that his account’s registered mobile number and nominee details were changed without his knowledge or consent to facilitate the fraud.
A Passbook Update That Exposed the Fraud
The victim, Chaitanya Prakash Paliwal, a resident of Jaitra, maintains a savings account at SBI’s Jaitra branch where his monthly pension is credited, with his wife Sarvesh Paliwal originally registered as the account nominee. He said the account held ₹12.73 lakh as of June 5, 2024, but when he visited the branch on July 3 to update his passbook, he discovered ₹4,49,128 had been transferred out through multiple online transactions he never authorised.
His bank statement showed the money had moved in 95 separate transactions to different mobile-linked accounts between June 5 and July 3, an average of more than one unauthorised transfer per day over nearly a month, a pace that raises questions about why the bank’s own fraud-monitoring systems failed to flag the pattern earlier. He further alleged the account’s nominee had been changed from his wife to a person identified as Mohammad Furkan, whom he says he does not know and never authorised as a replacement nominee.
No Digital Payment App, Yet Dozens of Digital Transactions
Paliwal stated he has never used PhonePe or any other digital payment application, yet online transactions were successfully carried out from his account regardless. He suspects fraudsters first changed the registered mobile number linked to his account, a step that would have let them intercept OTPs and transaction alerts before executing the transfers, effectively locking him out of any real-time warning that his savings were being drained.
After discovering the alleged fraud, he immediately submitted a written request to the bank seeking restoration of his correct mobile number and reinstatement of his original nominee details. He has since filed a written complaint with Jaitra Police Station seeking registration of a criminal case, arguing that changing a customer’s registered mobile number and nominee details without proper verification would not have been possible without either internal collusion or serious procedural lapses within the bank itself.
A Pattern Seen Elsewhere in Insider-Enabled Banking Fraud
Paliwal’s allegation of possible staff involvement is not without precedent nationally. Similar cases of banking staff exploiting internal access to divert pensioners’ funds have surfaced repeatedly across India in recent months, including a case in Rajasthan’s Pali district where two former SBI branch officials were accused of misusing bank funds and forging documents to cause a loss of over ₹41 lakh, and a separate Varanasi case where an SBI employee couple allegedly siphoned nearly ₹2 crore from a retired colleague’s account by diverting funds to associates before threatening the family when they resisted further withdrawals.
Attempts to obtain a response from SBI’s Jaitra branch management had not yielded any official statement at the time of reporting, and it remains unclear what verification process or documentation was used to approve the alleged changes to Paliwal’s mobile number and nominee details. If an FIR is registered, investigators are expected to examine the bank’s KYC records, internal system logs, IP addresses, and digital audit trails relating to the mobile number modification, alongside all associated financial transactions.
Prof. Triveni Singh, the former IPS officer and cybercrime specialist, said unauthorised changes to a bank account’s registered mobile number, email address or nominee details can expose customers to significant financial risk, since cybercriminals often alter such critical information first specifically to clear the path for fraudulent transactions that follow. He advised bank customers to periodically verify their KYC details, registered mobile number and nominee information, and urged victims of suspected banking fraud to immediately inform their bank and report the incident through the National Cyber Crime Helpline at 1930 and the National Cyber Crime Reporting Portal, since prompt reporting significantly improves the chances of freezing fraudulent transactions and recovering stolen funds.
