Friday, December 20, 2024
Advertisement
  1. You Are At:
  2. News
  3. Technology
  4. Scammers stealing money by sending fake e-challan messages on WhatsApp: Here's how THIS scam works

Scammers stealing money by sending fake e-challan messages on WhatsApp: Here's how THIS scam works

Scammers are spreading fake traffic e-challan messages on WhatsApp. These messages infect devices, leading to fraudulent transactions.

Written By: Om Gupta New Delhi Published : Jul 17, 2024 14:41 IST, Updated : Jul 17, 2024 14:41 IST
Fake traffic e-challan
Image Source : FREEPIK Fake traffic e-challan

A sophisticated Android malware campaign conducted by Vietnamese hackers is targeting Indian users through fake traffic e-challan messages on WhatsApp, as reported on Wednesday. Researchers from CloudSEK, a cybersecurity firm, have identified the malware as part of the Wromba family. The malware has already infected over 4,400 devices and has resulted in fraudulent transactions exceeding Rs. 16 lakh by a single scam operator.

How the scam works?

Scammers are sending fake e-challan messages, impersonating the Parivahan Sewa or Karnataka Police, and tricking individuals into installing a malicious app. This app not only steals personal information but also facilitates financial fraud. Clicking the link within the WhatsApp message will prompt the download of a malicious APK disguised as a legitimate application.

Once installed, the malware requests excessive permissions, including access to contacts, phone calls, SMS messages, and the ability to become the default messaging app. It intercepts OTPs and other sensitive messages, allowing attackers to log in to victims' e-commerce accounts, purchase gift cards, and redeem them without leaving a trace.

Why it is not easy to intercept these frauds?

The attackers use proxy IPs to avoid detection and maintain a low transaction profile. With the use of the malware, they have accessed 271 unique gift cards, facilitating transactions worth Rs 16,31,000. The most affected region has been identified as Gujarat, followed by Karnataka.

How can you avoid such types of scams? 

To protect against such malware threats, users can stay vigilant and adopt security best practices, including installing apps only from trusted sources like Google Play Store, limiting app permissions and regularly reviewing them, maintaining updated systems, and enabling alerts for banking and sensitive services.

Vikas Kundu, Threat Researcher at CloudSEK, commented that "Vietnamese threat actors are targeting Indian users by sharing malicious mobile apps under the pretext of issuing vehicle challans on WhatsApp."

ALSO READ: Only Aadhaar number is sufficient to steal money from your bank account: Know about THIS new scam

Inputs from IANS

 

Advertisement

Read all the Breaking News Live on indiatvnews.com and Get Latest English News & Updates from Technology

Advertisement
Advertisement
Advertisement
Advertisement