A new kind of cyber scam has surfaced with criminals preying on motorists via fake e-challans, designed to steal cash. Motorists receive fake e-challan alerts in seemingly official text messages with specific vehicle registration numbers, leaving no room for doubts over legitimacy.
According to a TOI report, a businessman from Pedder Road was targeted by cybercriminals via this scam earlier this year.
The victim had received a text asking him to clear e-challans pending against his car. The text mentioned his vehicle registration number and gave directions for installing an app, ‘vahanparivahann.apk’ to clear all his fines.
He followed the instructions but his payments did not go through the app. A week later, 31 fraudulent transactions happened on his credit card amounting to Rs 3 lakh.
Bewildered, the man went to Gamdevi police who told him that the app he had installed was fake and that a scammer had sent the e-challan text.
This is not an isolated incident of cyber scam involving fake e-challan.
How does fake e-challan work?
Explaining how the scam works, a senior officer said the e-challan text message asks the receiver to download an app to view photographic evidence of his traffic violation and pay the fine.
The text message contains an APK file (Android Application Package), either in the form of a link or over WhatsApp. Once the file is executed in the system, a malicious app gets installed on the receiver’s phone. Upon entering the bank details to “pay the fine,” the account information reaches the scammers, who use it to steal money.
“APK files downloaded from third-party, untrusted sources could be malicious. Typically, apps downloaded from Play Store would be safer as Google has its own safety checks, which won’t happen in case of third-party links. When you manually install an app using an APK file, you are bypassing safety protocols and may unknowingly install a malicious file. Invest in an anti-virus programme, which is paid and not free, to minimise risks,” Nikhil Mahadeshwar, founder of Cyber Secured India was quoted by TOI as saying.
Nikhil Mahadeshwar has been training city police’s cyber personnel.
Comments
0 comment