Scam Alert! E-Challan Messages on WhatsApp is Fake; How to Stay Safe
Did you receive an e-challan on WhatsApp? Before you rush to pay the fine, be cautious—it might be a scam designed to steal your money and personal information. According to a cybersecurity firm report a Vietnamese hacker group is targeting Indian users by sending fake e-challan messages on WhatsApp. These deceptive messages trick recipients into downloading a malicious app, resulting in data theft and financial fraud.
How the Scam Operates
Scammers send messages masquerading as official notices from Parivahan Sewa or Karnataka Police, issuing fake traffic fines. When users click on the link in the message, it directs them to download a malicious APK (Android application package). Once installed, this app requests extensive permissions, including access to contacts, phone calls, SMS messages, and the ability to become the default messaging app.
The Damage and Impact
This malware, part of the Wromba family, has infected over 4,400 devices. It intercepts one-time passwords (OTPs) and other sensitive messages, enabling hackers to access victims' e-commerce accounts. The hackers use this access to purchase and redeem gift cards, leaving no trace of direct fund transfers. So far, these fraudulent activities have resulted in losses exceeding Rs. 16 lakhs.
Affected Regions in India
While the scam has affected users across India, Gujarat has reported the highest number of victims, followed by Karnataka. The attackers, originating from Báºïc Giang Province in Vietnam, use proxy IP addresses to avoid detection, complicating efforts to trace their activities.
How to Stay Safe
To safeguard against such scams, consider the following tips:
- Download Trusted Apps: Only download apps from official sources like the Google Play Store.
- Use Antivirus Software: Keep reputable antivirus and anti-malware software installed on your device to detect and prevent malicious activities.
- Check App Permissions: Regularly check and limit the permissions granted to apps on your device.
- Stay Updated: Ensure that your device’s operating system and apps are up to date to protect against vulnerabilities.
- Monitor SMS Activity: Use tools that detect and alert you to suspicious SMS activities.
- Enable Account Alerts: Set up alerts for banking and other sensitive services to monitor any unusual activities.
- Raise Awareness: Educate yourself and others about the risks of unverified apps and phishing attempts.
By adopting these security practices, you can significantly reduce the risk of falling victim to such scams and protect your personal information. Stay alert and cautious to guard against these sophisticated cyber threats. Staying informed and vigilant is crucial in today's digital age to ensure your online safety and security.