Nearly 16,000 cyber fraud cases have hit State Bank of India (SBI) branches across the country in just 22 months, exposing how India’s largest bank is struggling to keep pace with increasingly sophisticated digital scammers. The data, disclosed through an RTI query, shows that while SBI is racing ahead with tech and AI-led banking, cybercriminals are running their own parallel “fintech revolution” on unsuspecting customers.
What the RTI data reveals
Between 1 January 2024 and 31 October 2025, SBI reported 15,956 cyber-related financial frauds across its branches nationwide.
In the same 22‑month period, there were 5,105 cases of other (non‑cyber) frauds, meaning cyber frauds alone were nearly three times higher in number than traditional frauds.
The figures came in response to an RTI filed by activist Abhay Kolarkar, who had sought details of financial irregularities across SBI branches.
The data paints a clear picture: as banking shifts to apps, cards and UPI, the preferred playground for fraudsters is no longer the physical branch but the user’s screen. Cybercrime has quietly become the default mode of bank fraud, while legacy frauds still bleed larger ticket amounts in isolated but severe cases.
How much money was lost
- Cyber frauds led to losses of ₹118.47 crore, while “other frauds” accounted for a much bigger ₹477.64 crore in the same period.
- Online banking frauds alone formed the biggest chunk, with 6,630 cases involving ₹62.37 crore.
- Mobile banking frauds contributed 227 cases with losses of ₹3.23 crore, and 1,085 ATM‑related frauds led to losses of ₹7.6 crore.
So even though non‑cyber frauds still involve higher cumulative amounts, the high volume and velocity of cyber scams mean that ordinary customers are at far greater day‑to‑day risk online. Each new feature meant to make banking “seamless” is also becoming a fresh attack vector for scammers who understand user behaviour better than most product teams.
State-wise and insider angle
West Bengal recorded the highest number of fraud cases in SBI, with 1,838 incidents involving ₹12.60 crore.
The RTI reply also revealed 606 fraud cases where SBI employees themselves were implicated, accounting for a massive ₹222.24 crore.
This insider angle shows why customers cannot rely only on brand trust or branch familiarity; internal collusion can supercharge external cyber operations, especially when mule accounts, KYC shortcuts and backdoor approvals are involved. West Bengal topping the fraud chart also underlines how certain regions are now becoming hubs for organized financial cybercrime, not just one‑off phishing attempts.
Why cyber fraud is exploding
Banks are deploying AI, automation and digital journeys to cut costs and speed up services, but security awareness at the user level is not growing at the same pace.
Fraudsters are now using layered strategies: social engineering, fake customer‑care calls, app‑cloning, remote‑access tools, mule accounts and even collusion with insiders in some cases.
For customers, this creates a dangerous illusion of safety: everything looks official, OTPs come from real bank numbers, and payment screens look authentic, but a single wrong click can redirect an entire salary or life savings into a fraud network. The RTI numbers only show reported and detected cases; the real exposure may be far higher, considering under‑reporting and failed attempt data that never reaches FIR or RTI statistics.
What SBI customers should actually do
- Treat every call, link or message asking for OTP, PIN, CVV, device access or “verification” as malicious by default, even if it appears to be from SBI.
- Avoid installing remote‑access apps or clicking links sent over WhatsApp, SMS or email for “KYC update”, “account block”, “income tax refund” or “secured card upgrade”.
- In case of any unauthorized transaction, immediately call 1930 and file a complaint on cybercrime.gov.in, then notify the branch in writing to create a clear dispute trail.
The RTI story around SBI is not just a data point; it is an early warning flare for every Indian banking customer living their financial life on a smartphone. The fraud ecosystem has already gone fully digital—most users still have not.
