Protect Yourself: Precautions Against WhatsApp E-Challan Scam

Bengaluru: CloudSEK has uncovered a sophisticated Android malware campaign targeting Indian users through fake traffic e-challan messages on WhatsApp. Originating from Vietnamese hackers, this scam has compromised over 4,400 devices, leading to fraudulent transactions exceeding ₹16 lakh.

How It Works:

• Deceptive Notifications: Malicious APKs are disguised as official vehicle challan notifications from entities like Parivahan Sewa or Karnataka Police.
• Permissions: Once installed, the malware requests extensive permissions, including access to contacts, SMS messages, and OTPs, allowing attackers to steal financial and personal information.

Affected Areas:

• Regional Impact: Gujarat and Karnataka are the most affected states.

Expert Insight: Vikas Kundu from CloudSEK emphasizes the malware's ability to forward SMS messages, facilitating further exploitation.

Protect Yourself:

• Download Apps Safely: Use only trusted sources like the Google Play Store.
• Limit Permissions: Be cautious with app permissions.
• Update Regularly: Keep your software up to date.
• Enable Alerts: Set up transaction alerts for sensitive activities.