Cyber criminals never pretend to be unknown start-ups. Why would they? They impersonate names you already trust — your bank, your gas company, institutions woven into your daily life. The familiarity is the weapon. By the time something feels off, they have already had a minute inside your head. Sometimes that is all it takes.
 
Two scams are making the rounds on WhatsApp right now. One impersonates State Bank of India (SBI), the country’s largest public sector lender. The other poses as Mahanagar Gas Ltd, one of the main players in the supply of compressed natural gas (CNG) and piped natural gas (PNG) in India. 
 
On the surface, they look nothing alike, but the logic running underneath is identical — manufacture either urgency or convenience, get you moving before you are thinking, and extract your money or your access to it. Both are slicker than most people expect. Both have already claimed real victims. And both are landing in inboxes across the country as you read this.
 
The SBI one exploits tax season — that annual scramble when millions of account-holders need their interest certificate to file income tax returns (ITRs). The MGL one goes after something more primal: the fear of waking up to no gas in your kitchen. Neither timing is accidental. These are not opportunistic one-off attempts. They are engineered cons, built around your calendar, your habits and logos you would recognise anywhere.
 
Here is exactly how each one works.
 
The SBI Interest Certificate Con
This one is subtle. And, in some ways, the more dangerous of the two — because it exploits something completely real.
 
Every year after 31st March, millions of SBI customers genuinely need their interest certificate to file ITRs. Fraudsters know this. So they fire out a WhatsApp message appearing to come from 'State Bank of India' — blue verification tick, SBI logo, 'Business Account' badge and all — announcing that your FY24-25 interest certificate is ready. Just send 'Hi' to this number to get it instantly. Oh, and while you are at it, here is a reminder to download the new YONO app too.
 
The number, needless to say, is not SBI's.
 
The screenshots doing the rounds show exactly this. Professional language, the right branding, the right timing, the right ask. Nothing screams fraud. That is entirely the point.
 
All they need is for you to engage — reply, call, click, download. Once you do, the con is already running. From there, the conversation is designed to nudge you toward sharing an OTP, logging into a fake portal, or installing remote-access software on your phone. The interest certificate is just the opening line. What follows is where the real damage happens.
 
SBI has been unambiguous about this: it never sends links or files via SMS or WhatsApp for any banking purpose. The Bank has its own official WhatsApp number (+91 90226 90226) — and it does not cold-ping you about your tax documents. If you have not initiated the conversation through SBI's verified channel yourself, treat any message claiming to be from SBI as suspect until proven otherwise. Every time.
 
The Press Information Bureau (PIB) has already issued warnings after these messages began circulating. The broader picture makes for grim reading too — data from Reserve Bank of India (RBI) shows bank frauds jumped to ₹36,014 crore in FY24-25, a 194% increase over the previous year. Cyber criminals are not struggling to find victims. There are far too many people who have not been told to look twice.
 
The WhatsApp Blue Tick Problem Nobody's Talking about
Here is a question that deserves a straight answer: How does a fraudster get to display 'State Bank of India' on a WhatsApp Business account — blue verification tick, 'Business Account' label and all — while actively running a con?
 
Look at the screenshots. This is not a misspelt lookalike. Not 'Stat3 Bank of India.' Not 'SBI Official Help.' The account reads ‘State Bank of India’, with the blue tick WhatsApp grants to verified accounts and the ‘Business Account’ tag meant to signal that you can trust who you are talking to.
 
That is a deeply uncomfortable question for Meta. What checks are actually happening before WhatsApp lets any  account operate under the name of a regulated, nationally recognised financial institution? SBI is not a corner shop. It is India's largest public sector bank, listed, RBI-regulated, and trusted by millions of people. If a scammer can set up a WhatsApp Business account under SBI's name with a blue tick and use it to defraud customers, the verification system is not just falling short — it is being turned into a weapon against the very users it is supposed to protect.
 
When a victim sees that blue tick, they are not being gullible. They are doing exactly what Meta trained them to do. You can't put all of that on the victim. Meta owes its users — and the institutions being impersonated — a far more rigorous explanation of how this keeps happening, and what, concretely, is being done to stop it.
 
The MGL Disconnection Panic
The Mahanagar Gas scam takes a different route. No tax anxiety here — just blunt, immediate fear. You get a WhatsApp message: “Your gas supply will be disconnected tonight at 9:30pm unless you update your bill right now. Call this number. Immediately.”
 
 
That is the trap. Panic first, think later. And it works, because a gas disconnection in a Mumbai household, for example, is not a minor inconvenience — it shuts down your kitchen. Interestingly, the specificity of ‘9:30pm’ is a trick borrowed straight from an older playbook. A few years ago, nearly identical messages circulated threatening electricity disconnection at the same precise hour, in the name of the state electricity board. Same script, different costume.
 
MGL has publicly warned that fraudsters are impersonating company representatives over SMS and WhatsApp, pushing customers toward fake links, malicious APK files and bogus payment requests. Awareness campaigns have been running. People are still falling for it — because the messages look real and the fear they trigger is genuine.
 
Here is what the typical sequence looks like. A woman in Andheri East got a message warning her connection would go at 10:25pm that same night. She called the number in the message and spent 45 minutes on the phone with someone calling himself 'Rahul Kumar', who eventually convinced her to download an APK file called 'BILL_UPDATE.apk'. A spending cap on her debit card limited her loss to ₹5,000. Others weren't so fortunate.
 
In another Mumbai case, a man paid ₹1,150 as instructed and then got a call saying the payment hadn't shown up in the system. The caller sent an APK file. The moment he downloaded it and typed in his banking credentials, the fraudsters had full access to his phone and accounts. Within minutes, ₹11.82 lakh was gone — transferred out across  multiple transactions before he could do a thing.
 
Then there was a 75-year-old retired man in Malad East, targeted with a message carrying MGL's official logo. The disconnection warning was real enough to rattle him. The 'fix' required a system update fee of just ₹10. Small ask. Catastrophic exposure. The ₹10 was never the point — getting inside his phone was.
 
 
MGL's actual verified WhatsApp number is +91 98992 03843. The company does not request OTPs, bank details, or passwords through calls or messages — ever. Any message arriving from any other number, claiming to be MGL, is a fraud. Full stop.
 
The Common Thread
Both scams are built on the same foundation: your trust. In SBI, in MGL, in a blue tick, in a familiar logo. And both weaponise timing in the same way — one arrives when you're stressed about taxes, the other tells you the clock is ticking tonight. Neither is coincidence. This is craft.
 
A few things worth hardwiring into how you handle these messages:
Never download an APK file sent over WhatsApp. No legitimate company — bank, utility, anyone — sends Android installation packages to update your account or bill. If a file with a .apk extension arrives over WhatsApp, it's malware. Every single time, no exceptions.
 
Never call back on a number from inside a message. Find the official helpline yourself, through the company's actual website.
 
Never let a WhatsApp message from an unknown number push you into acting fast. Genuine disconnection notices and bank communications have their own official processes. They don't come as cold WhatsApp pings with a two-hour deadline.
 
And if any message asks you to send 'Hi' to a number to receive sensitive documents, verify that number against the institution's official website before you type a single character.
 
When in doubt — block and report. The person in the MGL screenshot already knew this instinctively. He blocked the number before any damage was done. That reflex is worth more than any security app you could install.
 
The fraudsters are getting sharper. The messages are cleaner, the branding more convincing, the timing more precise. The only real defence is knowing how the trick works before they try it on you.
 
Stay Alert, Stay Safe!