Whalesbook
The government and RBI have issued a warning about fake WhatsApp messages targeting bank customers. Investors should stay vigilant against phishing attempts as banking fraud trends evolve in FY26.
What Happened
Authorities, including the Press Information Bureau’s fact-check unit, have issued an urgent warning regarding a new wave of phishing scams on WhatsApp. These fraudulent messages impersonate the Reserve Bank of India (RBI) to trick individuals into sharing sensitive banking details or clicking on malicious links. The scammers often claim that a user's bank account is linked to suspicious transactions and requires immediate verification to prevent blocking. To combat this, the RBI has clarified that it operates only through two official WhatsApp numbers: 9930991935 and 9999041935. Any communication claiming to be from the central bank outside of these channels, especially those asking for downloads or urgent financial data, is fraudulent.
Why Investors Should Be Alert
For investors and bank customers, this alert underscores the growing complexity of social engineering attacks. Digital banking is a fundamental part of managing investments, making account security vital. Phishing attempts like these aim to gain control over bank accounts, which could lead to unauthorized transfers or data theft. The RBI’s warning serves as a reminder that official financial bodies will not send unsolicited messages requiring the download of files or the urgent entry of banking credentials via third-party links.
Trends in Banking Fraud
While phishing is a persistent threat, recent data from the RBI’s Annual Report for the 2025-26 fiscal year provides a broader view of the banking security landscape. In FY26, banks reported 10,114 cases of fraud, with the total value amounting to ₹48,021 crore. Public sector banks were the most impacted, accounting for 74.5% of this total value, or ₹35,709 crore. However, there is a notable positive trend in the retail digital payments and card segment. Fraud cases in this specific category saw a significant decline, falling from 13,332 cases to 293 in the same period, with the total value involved dropping from ₹517 crore to ₹29 crore. This suggests that while overall banking fraud remains a challenge, the security measures for retail digital transactions are becoming increasingly effective.
How to Protect Your Financial Data
Investors should adopt a proactive approach to digital security. First, never download unsolicited APK files or software updates from unofficial links sent via messaging apps. Second, verify the source of any communication claiming to be from a bank or regulator. If a message creates a sense of urgency or threats regarding account closure, it is best to contact your bank through official, verified channels—such as their official website or customer care number—rather than clicking on links provided in the message. Finally, be aware that the RBI does not ask for personal banking passwords, PINs, or OTPs through messaging platforms. Maintaining these habits is essential for protecting financial assets against evolving digital threats.