Beware SBI customers! SMS asking PAN update is fake

A fake SMS (short messaging service) has been doing rounds asking State Bank of India’s customers to update their Permanent Account Number (PAN) details with the bank. The viral message reads: "Dear customer, your SBI YONO account closed today, contact now and update your PAN number details." 

Cautioning the customers against any scam, Press Information Bureau’s Fact Check team has tweeted that a bogus message is being issued in the name of SBI and it is asking customers to update their PAN number to avoid their account from getting blocked. 

Press Information Bureau has alerted people that they should never respond to such emails or SMSes asking them to share their personal or banking details. Additionally, it has said that people can report such fake messages at report.phishing@sbi.co.in.   

Earlier this month, SBI had tweeted about the threats of downloading unverified software or apps from untrusted sources. It highlighted that the users unknowingly download dubious apps from unofficial sources, which may route them to dangerous malware capable of causing serious financial harm to the customers. 

Giving further details, SBI said that its users should be alert about Drinik malware, which is targeting Indian taxpayers at large by stealing Personally Identifiable Information (PII) and banking credentials through phishing attacks. 

 The Drinik malware has been around since 2016 and has undergone various updates. Initially, it operated like an SMS stealer but now has banking Trojan features. Last year, the CERT-In (Indian Computer Emergency Response Team) alerted that the virus has affected users of 27 banks.  

Analysts at Cyble (via Bleeping Computers) have said that the malware can now steal important personal details and banking credentials, and the updated version has features like screen recording, keylogging, which can break the security walls.