New Delhi: Cyber fraudsters have once again repackaged an old scam into a more convincing format this time by misusing the name of the RTO e-challan system. Over the past year, criminals have circulated malicious APK files disguised as wedding invitations, PM-Kisan installment alerts, courier delivery notices, and even KYC updates. Now the same tactic is being used with fake “RTO Challan” messages on WhatsApp, tricking people into installing dangerous spyware.
The method is deceptively simple: a message claiming that a traffic challan has been issued against your vehicle, along with a link or attachment to “view details.” Many users, out of panic or urgency, click the file unknowingly giving hackers complete access to their phones.
How the scam works: One fake file, full control of your phone
The scam unfolds through a carefully crafted sequence:
- You receive a WhatsApp message stating: “An e-challan has been issued for your vehicle. Download the file below to view details.”
- Attached is an APK file, commonly named RTO_Challan.apk, E-Challan_Details.apk, or a similar official-looking version.
- The moment you download the file, it auto-installs on Android phones—because it is built to bypass user caution.
- This file is not a document but a spyware application (malware).
Once installed, the malware:
- Grants the fraudster complete remote access to your device
- Captures banking app data, OTP messages, contacts, and personal files
- Automatically forwards the same malicious file to all your WhatsApp contacts, making the fraud spread rapidly
- Allows hackers to initiate online banking transactions and intercept OTPs needed to authorize them
Cyber experts warn that this category of malware is among the most dangerous, as the criminal does not need to call or message you again—your device becomes their control panel.
What is an APK file and why is it dangerous?
APK stands for Android Package Kit, the format used to install apps on Android devices. Every app on the Google Play Store is an APK file—but those are security-checked and scanned before publishing. The real threat arises when:
- An APK file arrives through WhatsApp, Telegram, email, or SMS
- The user assumes it is a harmless PDF or image file
- The APK, once clicked, silently installs malware without visible warnings
Most people do not check the file extension and click out of curiosity, fear, or trust—making this scam extremely effective.
How this fraud may evolve: From RTO challans to electricity bills, prizes
Cybercrime trends are clear: scammers use themes that cause fear or excitement. In coming months, experts warn that similar APK-based malware may be circulated using:
- PM-Kisan ₹2,000 installment notifications
- Electricity bill overdue alerts
- Passport/courier delivery warnings
- Lottery winnings or gift vouchers
- Bank KYC-update messages
- Government scheme eligibility notifications
Regardless of the theme, the fraud mechanism remains identical: a fake APK file carrying dangerous malware.
How to protect yourself: 7 critical safety steps
- Never download an APK file sent from WhatsApp — no matter who sends it.
- Always check genuine challans only on: echallan.parivahan.gov.in.
- Remember: wedding cards, PDFs, photos, govt documents — these are never in .apk format.
- If a known contact sends an APK, call and verify; their WhatsApp may be hacked.
- Turn off “Install apps from unknown sources” in phone settings.
If you accidentally installed an APK:
- Immediately switch off data/Wi-Fi
- Uninstall the suspicious app
- Change all bank passwords and PINs
- If money is stolen or a threat is suspected, call 1930 (National Cyber Fraud Helpline) instantly.
One careless click can wipe out your savings
Digital services have made life convenient, but they have also increased exposure to high-risk cyber fraud. The ongoing RTO challan scam is a sharp reminder that:
- Every link must be checked,
- Every file scrutinized,
- And every suspicious message ignored.
Most importantly, senior citizens and low-tech users must be educated, as they are the easiest targets. A single infected APK can compromise your phone and your bank account within minutes.
