What is the Traffic Challan scam?
A traffic challan scam unfolds when you receive an SMS or a WhatsApp message claiming that you have committed a motor vehicle violation.
As a result a traffic violation fine is being levied on you.
To make the message authentic there is a vehicle number which happens to be your vehicle number.
To make it look 100% authentic there would be a copy of the Challan with the insignia of the traffic department along with the details of the vehicle, your name etc.
This causes a trigger of the panic button
Believe it or not, no one is happy to receive a traffic violation ticket or a challan as it is referred to in some parts of the world.
This receipt causes a state of panic.
Along with this message there is a link.
How things get murky from here
In response to this panic most people would get unnerved and follow the instruction of clicking the link.
As they do the link tries to install an app via an apk file.
At this stage the phone's security may prompt and caution you about a security risk as you are about to install an untrusted app via an apk file from an untrusted source.
However in a lot of cases the panic is already doing its job of making you nervous and instead of being cautioned you simply end up installing the app via the apk file by overriding the security warning.
How people are losing money in the traffic Challan scams?
As a user installs the app it leads to compromising the security of the phone. The app is engineered to forward sms and other messages to an untrusted party or the hacker.
It can also forward the contact lists to financial details. basically any details present on your phone can be forwarded to the scammer.
In simple terms the app is a backdoor entry for the scammer to get hold of your phone and all the information coming to you.
What the scammer does next is transfers funds from your bank account to a third party account.
As most online transfers would require an online authentication via a one time password (OTP) this can be easily handled by the dubions app which you have installed onto your phone device.
How to handle things in case you get such a notice or message?
The first thing to do would be not to click on the link present in such a message.
Instead a much better or the correct thing to do would be to visit the traffic departments website and from there try to validate the status of your challan or fine.
What to do in case you clicked the link and installed the app?
Turn on the airplane mode and make sure the wifi is turned off on your device. This way your mobile device would not transmit any data. Next uninstall the app you you may have installed in the process.
Contact your bank and disable any online transfers as soon as possible.
Make sure to call the local cybercrime department and report the incident to them.
Main image created with Bing image creator