The Indian Cyber Crime Coordination Centre (I4C), operating under the Ministry of Home Affairs, has issued warnings regarding a surge in phishing scams targeting individuals through fraudulent ‘e-challan’ SMS messages. Officials report that victims are receiving texts claiming that traffic violations have resulted in e-challans against their vehicles. These messages include a link prompting immediate payment to avoid penalties, exploiting the urgency of potential fines.

Mechanism of the Scam

Upon clicking the link, victims are taken to a counterfeit webpage that closely mimics the official M-Parivahan portal managed by the Ministry of Road Transport and Highways. Cybersecurity experts indicate that this marks the beginning of the phishing cycle. The scam website requests users to input sensitive personal information including vehicle registration numbers, mobile numbers, one-time passwords (OTPs), and banking or credit card details, all under the guise of settling the e-challan. Once this information is submitted, it is harvested by cybercriminals, who then deplete the victims’ bank accounts or use their credentials for further fraudulent activities.

Increase in SMS-Based Phishing

The I4C has noted an increase in such SMS phishing schemes, particularly in urban environments where digital traffic enforcement has become commonplace. Fraudsters leverage public familiarity with legitimate e-challan processes to create a sense of urgency, often threatening severe fines or legal actions if immediate payment is not made. Officials emphasize that authentic e-challans are exclusively issued through government-sanctioned platforms, advising citizens to verify such communications directly through state traffic police websites or the official Parivahan portal.

Public Awareness Campaign

The I4C has encouraged the public to exercise caution, recommending that individuals avoid clicking on suspicious links received via SMS and refrain from disclosing OTPs or banking information on unverified sites. Citizens are urged to report incidents immediately through the national cybercrime helpline at 1930 or the cybercrime reporting portal to mitigate potential financial losses.

Government Action Against Fraudulent Applications

In response to the increasing prevalence of such scams, the Ministry of Home Affairs recently took measures to ‘geo-block’ command and control servers associated with the ‘Wingo’ app, identified as a platform that promotes SMS-based fraud. As part of a broader crackdown, four Telegram channels, with approximately 153,000 subscribers, and over 53 related YouTube videos promoting the app have also been blocked. The I4C has issued a public advisory against the Wingo app, classifying it as a ‘Telecom Mule as a Service’ platform and instructing citizens to avoid its use.

Vigilance Against Malicious Apps

Alongside the warning against the Wingo app, the I4C has pointed out the existence of several other applications involved in disseminating fake links through SMS. The agency has urged Android users, in particular, to remain vigilant against these malicious applications. Established by the Ministry of Home Affairs, the I4C serves as a central agency aimed at addressing cybersecurity threats. It collaborates closely with law enforcement organizations across states and Union Territories to identify and counteract emerging cyber threats, analyze fraudulent trends, and coordinate large-scale operations against fraud networks that utilize dubious apps, counterfeit websites, and various social media platforms.

Long or Short, get news the way you like. No ads. No redirections. Download Newspin and Stay Alert, The CSR Journal Mobile app, for fast, crisp, clean updates!

App Store –  https://apps.apple.com/in/app/newspin/id6746449540 

Google Play Store – https://play.google.com/store/apps/details?id=com.inventifweb.newspin&pcampaignid=web_share