Major Update for All Bank Websites: RBI’s New Domain Rule You Must Know Before Logging In

In a major move to enhance online banking safety, all major Indian banks have officially changed their website domains. Whether you bank with SBI, HDFC, or ICICI, you’ll no longer find their official websites ending in .com or .co.in. Instead, all legitimate banking sites will now end with “.bank.in” — a change introduced under the Reserve Bank of India’s (RBI) new digital security guidelines.

This shift may seem sudden, but it’s not a scam. In fact, it’s part of a nationwide effort to combat online banking fraud, phishing attacks, and fake website scams that have cost thousands of users their hard-earned money.

Why Did RBI Change the Bank Domain Format?

Until now, most banks operated under common extensions like .com, .in, or .co.in, which cybercriminals easily mimicked. Fraudsters created fake versions of these sites with similar names and layouts, tricking users into entering login credentials or OTPs, and then draining their accounts.

The new “.bank.in” domain, however, is highly secure and strictly regulated. It can only be used by verified banking institutions and financial organizations that are approved by the RBI. This means it’s almost impossible for hackers to create counterfeit websites using this new domain.

With this change, India joins a global trend where countries are adopting bank-specific domain extensions to strengthen cyber protection and build customer trust in digital banking platforms.

What Happens If You Still Visit the Old Website?

If you accidentally try to log in to your bank account using the old .com or .co.in address, you might be redirected to a fake or malicious website. Cybercriminals are known to exploit such outdated links to lure users into phishing traps.

To stay safe, always check the URL carefully before entering your banking credentials. The official domain of every recognized Indian bank will now end with .bank.in — for example:

• sbi.bank.in

• hdfc.bank.in

• icici.bank.in

If you notice any other extension or spelling variation, do not proceed. Close the website immediately and verify the link directly from the bank’s official communication or RBI’s verified list of domains.

RBI’s Deadline and Cybersecurity Impact

According to RBI’s directive, all banks were instructed to complete the domain transition by October 31, 2025. Most major banks have already complied, and customers can now use the new URLs for secure access.

Experts are calling this one of the most effective steps against phishing, cyber theft, and online fraud in recent years. With millions of Indians now relying on online banking, this domain shift is a crucial line of defense against increasingly sophisticated scams.

What Customers Should Do Now

1. Update Bookmarks: Replace old saved links with the new .bank.in addresses.

2. Verify Emails and SMS: Only trust messages from your bank that use the official new domain.

3. Avoid Clicking on Links: Always type the domain manually in your browser.

4. Enable Two-Factor Authentication: This adds another layer of protection.

5. Stay Informed: Regularly check RBI’s official website for cybersecurity updates.

Final Word

This domain update is not just a technical change — it’s a major security reform by the RBI to safeguard customers against online banking fraud. A single wrong click on an outdated or fake website could expose your bank details.

So the next time you log in, remember one golden rule: Trust only websites ending with “.bank.in”. This small precaution can make the difference between secure banking and financial loss.

Word Count: ~620