Fake e-challan messages have been on the rise, which are being sent by cybercriminals with the intent to dupe gullible victims. The messages, which are mostly being sent by private numbers, claim that victims have committed offences such as overspeeding, triple riding, rash driving, and negligent driving and ask them to pay a fine on the link provided within the message.
Also read: New India Post Scam Targets iPhone Users: How it Works
However, these messages, if clicked, could provide cybercriminals access to personal photos, videos, and even bank details. The large-scale browser-based phishing campaign is basically targeting Indian vehicle owners through fake e-Challan portals. The sophisticated operation, which represents an evolution from previous malware-driven attacks, leverages over 36 fraudulent domains and exploits trust in Regional Transport Office (RTO) services to harvest banking credentials, the Cyble Research and Intelligence Labs (CRIL) has found.
Also read: Safer Internet Day: Beware of Online Scams
“This campaign demonstrates a pivot from the previously observed Android malware use to browser-based fraud, which significantly lowers the technical barriers and expands the pool of potential victims,” said Daksh Nakra, Senior Manager of Research and Intelligence at Cyble. “The use of Indian mobile numbers registered with popular telecom operators and linked to State Bank of India accounts shows how attackers deliberately exploit trust in familiar institutions to increase success rates.”
How to Identify Fake E-Challan Messages
Citizens who are receiving these scam messages are advised to take note of the following pointers:
- The SMS appears to be sent from an Indian mobile number registered with Reliance Jio Infocomm Limited.
- The phone number is linked to an account with State Bank of India.
- The use of a local telecom network and a public-sector bank makes the message seem more genuine.
- This approach works better than using international SMS gateways.
- The portal creates realistic-looking violation records, even when no real details are entered.
- It shows small, fine amounts (usually around Rs 590) with short payment deadlines.
- The design copies official Ministry of Road Transport and Highways (MoRTH) branding and NIC logos.
Fake e-challan messages are designed to steal card details from users. These fake payment pages allow only credit or debit card payments and do not offer safer or traceable options like UPI or net banking. When users enter their details, the page collects full card information, including the card number, expiry date, and CVV. The site falsely claims that the payment is being processed through Indian banks to build trust. Even if a user submits the details multiple times, the page accepts them and secretly sends all the entered card data to the scammers’ systems.
How to Stay Safe from Scams
Users are being advised to stay safe and keep the following internet hygiene practices in mind before clicking any suspicious links or responding to texts:
- People should never click on links in unexpected SMS messages that claim traffic violations.
- Traffic fines should always be checked directly on official government websites such as parivahan.gov.in.
- Website addresses should be checked carefully for spelling mistakes or unusual domain endings.
- Payment pages that allow only credit or debit cards should be treated with suspicion.
- Any suspicious messages should be reported immediately to cybercrime authorities.
