Fake E-Challan Scam: Here's How an APK File Can Hijack Your Phone

An e-Challan has been delivered to your WhatsApp, making you replay all your recent drives around town. Did you jump a red light? Or, were you speeding? Before you panic, we ask that you pause for a moment. 

A notorious scam is once again circulating, where cybercriminals send fake challans to your phone via an APK (Android Package Kit) file. You hit download, and before you know it, your device has been compromised, siphoning off your savings. 

Here’s how you can spot this sneaky scam before it hits your bank account.

• E-Challan Delivered: You receive a WhatsApp message from an unknown number claiming that you’ve violated traffic rules and that a ticket has been issued for your vehicle number. The display image of the sender is likely to be the logo of the Regional Transport Office (RTO) or that of the NextGen mParivahan app. The message may or may not mention your vehicle number and/or the challan location.

• APK Download: The message further states that to view and verify the traffic violation along with the challan, you are required to download the NextGen mParivahan app. The APK file of the app, which contains malware, is also shared with you.

• Malicious File Installation: Once you tap download, the file gets installed on your device. You then receive prompts to allow the app to access your contacts, send and receive SMS messages, and make or manage phone calls. It also asks users to make the mParivahan their default messaging application.

• Bot Action: Once the app is set as the default SMS application, it sends the messages received on your device to a Telegram bot, which is under their control. They can then generate OTPs for your e-commerce and banking apps for access.  

• Receiving an ‘apk’ file to download the Next Gen mParivahan app instead of a link to the Google Play Store.

• The app asking for permission to access contacts, messages, and phone calls.

• Threatening legal consequences if the challan is not paid soon.

• Language, spelling, and formatting errors.

• Pause: Visit the official Parivahan portal of the Ministry of Road Transport and Highways at https://echallan.parivahan.gov.in/ to verify if a challan has been issued for your vehicle. 

• Stop: Do not install any applications apart from those from the Play Store.

• Disconnect: If you end up installing the malware app, deactivate your mobile data and Wi-Fi immediately. Search for the app and uninstall it. 

• Inform: Contact your bank so they can assist in securing your account and blocking any unathorised payments.

• Report: If you were scammed or were able to spot this scam, then report the incident as soon as possible through a government portal such as Chakshu (https://sancharsaathi.gov.in/sfc/) and the national cybercrime helpline number—1930. You can also lodge a complaint with the local police station.

The Quint's Scamguard initiative aims to keep up with emerging digital scams to help you stay informed and vigilant. If you've been scammed or successfully thwarted one, then tell us your story. Contact us via WhatsApp at +919999008335 or email us at myreport@thequint.com. You can also fill out the Google form and help us take your story forward.)

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)