A Mumbai businessman lost Rs 3 lakh from his credit card and fell prey to a fake e-challan scam. Phishing communications that seem authentic are used in the scam to trick gullible people into downloading dangerous apps and disclosing personal information.What exactly happenedNowadays, motorists are getting targeted with fake e-challans (traffic violation fines) by cybercriminals. These challans have been sent to several people through messages in recent months, and some have lost money as a result of clicking on them. A businessman from Mumbai became a victim of this scam and lost Rs 3 lakh receiving such phishing spam SMS.False app downloadedAs per the media reports, the victim, who resides in the Peddar Road area, got an SMS of an e-challan issued against his car. Details such as his name and vehicle registration number were included in the SMS, asking him to pay the fine as soon as possible. As the details mentioned were right, the victim believed it to be a genuine message from the traffic police. A link was given in the message, which directed him to install an app named vahanparivahann.apk. He followed the instructions mentioned to avoid paying a late fee.But even after doing everything as instructed, the money was not processed by the app. The message was left just as it was by the victim. However, he did not receive any unauthorized transaction messages from the credit card he had used to pay for the e-challan through the app until a week later. He received 31 fraudulent transactions totaling Rs 3 lakh on his credit card. The victim, caught off guard by the message, disclosed that he had been duped and immediately lodged a complaint.Message from the policeIn the complaint, the police officer informed him that the app he downloaded through SMS was a phishing app. He also mentioned that all the details he added in this app were saved to do the scam.How do these cons operateScammers are allegedly sending fake texts that contain malicious links. An application to examine photographic evidence of their traffic infraction and pay the fine is sent to the recipient of the e-challan SMS alert. This application may be downloaded as an APK file and is shared via WhatsApp via a URL. Unfortunately, a malicious application infiltrates the recipients device upon opening and downloading the file. The recipients account is then compromised when they supposedly pay the fine by entering their banking details.Be safe Be vigilantRemember these 2 things to be safe from these scams.1. Official notifications from traffic authorities typically do not call for quick action or the downloading of apps through WhatsApp or text messaging. Any unsolicited messages should raise suspicions, especially if they include attachments or links.2. Legitimate e-challan alerts typically originate from reliable sources, including official government portals or regional police department websites. Before acting, confirm any messages you have received through official means.
