A sophisticated cybercrime syndicate has launched a massive phishing offensive against Indian vehicle owners, utilizing more than three dozen fraudulent “e-Challan” websites to harvest sensitive financial data. According to a recent report from Cyble Research and Intelligence Labs (CRIL), this large-scale campaign exploits the trust citizens place in government traffic enforcement systems to facilitate digital theft.
The Anatomy of the Fraud
The scam typically begins with an urgent SMS sent to a motorist’s mobile number. These messages, often originating from domestic Indian SIM cards to appear legitimate, claim that the recipient has an outstanding traffic fine. To create a sense of panic, the texts include warnings of imminent license suspension or legal repercussions, pressuring the user to click on a provided shortened URL.
Once the link is accessed, the victim is redirected to a meticulously designed website that mimics the official Regional Transport Office (RTO) or Parivahan portals. These fake sites display dynamically generated violation details, often citing a small, believable penalty like ₹590. This modest amount is a psychological tactic designed to make the victim pay immediately without overthinking the validity of the fine.
Data Harvesting Tactics
Unlike official government portals that offer multiple payment avenues including UPI and Net Banking, these fraudulent sites restrict options exclusively to credit and debit cards. This allows attackers to capture complete card information, including the card number, expiry date, and CVV code. The backend systems are programmed to accept repeated attempts even if a transaction “fails,” ensuring the criminals can extract as much data as possible from a single target.
Beyond Traffic Fines
Investigators revealed that the infrastructure powering these fake e-Challan sites is also being used to host phishing pages for major courier services like DTDC and Delhivery, as well as banking brands such as HSBC. This suggests a highly organized criminal network that reuses templates and payment logic across various sectors.
How to Protect Yourself
To avoid falling victim to these evolving tactics, experts recommend the following:
-
Verify Independently: Never trust links sent via SMS. Instead, visit the official government website directly at
echallan.parivahan.gov.in. -
Check the URL: Official Indian government websites always end with the
.gov.indomain. -
Beware of Limited Payments: Be highly suspicious of any platform that mandates card details and lacks UPI or wallet integration.
-
Report Suspicious Activity: If you receive a fraudulent message, report it immediately to the national cybercrime portal (1930 or cybercrime.gov.in).
