Table of contents:
- KYC for banks
- KYC fraud
- Three important tips from SBI to avoid KYC scam
- Reporting KYC fraud
- FAQs on KYC scam
As the country moves toward a cashless, digitised economy, digital payments have grown rapidly. Alongside this convenience, however, has come a rise in cyber fraud. One of the frequent threats customers face today is KYC fraud.
KYC (Know Your Customer) is the verification process banks, financial institutions and insurance companies use to confirm a customer’s identity and address. The Reserve Bank of India requires banks, digital payments firms and other regulated entities to complete KYC before offering financial products or services. With scams on the rise, many consumers ask: is KYC safe?
This article explains how KYC works for banks, common fraud tactics, steps from the State Bank of India (SBI) to avoid KYC scams, how to report incidents, and answers to common questions so you can protect your finances.
KYC for banks
KYC procedures vary by account type and a bank’s risk assessment; the frequency and method of KYC completion or update depend on those factors. KYC is crucial for activities like:
- Opening bank accounts
- Investing in fixed deposits, recurring deposits or mutual funds
- Making online investments
Performing KYC helps banks verify that applications and supporting documents come from genuine customers. Proper identification reduces the risk of fraud and enables institutions to comply with regulatory requirements.
KYC fraud
Since the pandemic, the increased use of UPI, mobile wallets and banking apps has coincided with a rise in online frauds. KYC-related scams are a notable part of this trend.
State Bank of India, one of the country’s largest lenders, has warned customers about growing KYC fraud incidents. Fraudsters often impersonate banks or companies, using SMS, email or calls to trick people into sharing personal details or clicking malicious links.
During the Covid‑19 second wave, banks expanded remote options—such as updating KYC via mail—to support customers unable to visit branches. While these measures provided necessary flexibility, they also opened new avenues for fraudsters to exploit uninformed users.
Three important tips from SBI to avoid KYC scam
SBI recommends three straightforward precautions to protect accounts and personal information:
- Think before you click any link
Be cautious with links in emails, SMS or social messages, especially those claiming urgent action is required to avoid account suspension. Malicious links can harvest data or install malware.
- No bank would send links to customers for KYC updation
SBI emphasises that it does not send KYC update links to customers. Any unsolicited link purporting to be from the bank should be treated as suspicious and ignored.
- Avoid giving your phone number or any confidential information to anyone
Never share your mobile number, OTP, ATM PIN, CVV or other sensitive data with unknown callers or through unsolicited messages. Bank officials will never ask for such confidential details over phone, SMS or email.
SBI also advises against downloading apps recommended by strangers or following guidance from unknown sources. Attackers can intercept OTPs or exploit apps to access accounts remotely.
Reporting KYC fraud
If you notice any unauthorised or suspicious transactions, report them to your bank immediately. SBI provides toll-free numbers—1800-4253-800 and 1800-112-211—for reporting unauthorised activity. Prompt reporting increases the chances of quick containment and resolution.
Victims should also consider filing a complaint on the National Cyber Crime Reporting Portal to ensure the incident is logged with authorities. When filing complaints, provide accurate and complete information to facilitate investigation and recovery.
Digital payments and UPI have strengthened the country’s payments infrastructure and made transactions faster and more convenient. Yet that convenience attracts fraudsters skilled in social engineering who try to exploit KYC procedures. Many targets are users unfamiliar with these technologies, so awareness and vigilance are essential to protect savings and credit needs.
FAQs on KYC scam
What are the different ways in which KYC frauds in India are happening?
KYC fraud commonly occurs through several methods:
- Smishing: fraudulent SMS messages that include links or attachments, impersonating legitimate companies
- Impersonation: callers pretending to be bank officials to extract KYC details
- Phishing: collecting customer information via fake websites, email or social media
- Identity misuse: using someone’s identity to apply for credit or file taxes
What is the process to follow to complain about KYC scams in India?
To report a KYC scam, take these steps:
- Write a clear summary of the incident with dates, times and the sequence of events
- Save screenshots of emails, SMS, or messages sent by the fraudster
- Gather supporting documents such as bank statements or transaction records
- Visit the nearest police station to file an FIR or complaint, presenting the collected evidence
- Keep soft copies of all documents and share them with the investigating officer
What is KYC?
KYC is a verification process used by banks and other financial institutions to confirm the identity and address of a customer before providing financial services.
Why is KYC required?
KYC helps institutions verify customer claims about identity and address, assess risk, prevent money laundering and other illegal activities, and comply with regulatory obligations.
What are the simple ways to identify KYC scams?
Practical ways to spot and avoid KYC scams include:
- Never click unknown links in emails or SMS
- Verify the identity of anyone claiming to be a bank representative before sharing details
- Do not provide bank account or card information to unknown callers
- Avoid installing third‑party apps to complete KYC unless they are from verified sources
Staying informed and cautious is the best defence against KYC fraud. If in doubt, contact your bank directly using official numbers or visit a branch to verify any KYC-related request.