Attention! Traffic challans on WhatsApp can steal your bank details
What's the story
A new cyber scam is targeting unsuspecting WhatsApp users with fake "RTO challan" messages. The fraudulent message, which looks official and even contains a file attachment, claims that a traffic fine has been issued against the recipient's vehicle. However, opening this attachment can compromise your phone's security in an instant, according to cybersecurity expert Abhishek Yadav.
Cyber threat
Hackers gain remote access to your device
The fake RTO challan message usually comes with a malicious file named RTO E-Challan.apk or MParivahan.apk. Once installed, the malware in these files gives hackers remote access to your device. This can lead to theft of personal data and bank details, and even allow cybercriminals to use your number for sending similar scam messages to your WhatsApp contacts.
Account risk
WhatsApp accounts getting banned after malware spread
In some cases, users have reported their WhatsApp accounts getting banned after the malware spread through their device. The scam is particularly dangerous as it looks authentic, leading many people to assume the challan is real and click without thinking twice. Cybersecurity experts are warning that any message with an APK file from an unknown number should be treated as suspicious.
Safety tips
How to stay safe from this scam
To stay safe, remember that the Ministry of Road Transport and Highways or mParivahan app never sends challan alerts via WhatsApp or SMS links. The only legitimate way to check if you have a pending traffic challan is through the official Parivahan website or your state's RTO portal. Cybersecurity experts are urging users to spread awareness about this scam as many victims unknowingly forward the message, helping it spread faster.
Scam tactics
Scammers use official-sounding language
Scammers use language that sounds official, making it hard for users to tell the difference. For instance, one message read, "This incident has been documented and is subject to legal proceedings." The messages look like they have been auto-generated by the Traffic Enforcement Department.