Challan scam alert: Fraudsters use WhatsApp APK links to steal data

A new and dangerous cyber scam is on the rise, targeting unsuspecting citizens through fake RTO challans sent via WhatsApp. According to the state’s cyber cell, people across the country—including in our state—are receiving deceptive messages containing bogus challans for two-wheelers or four-wheelers, along with a malicious APK download link.

Once users click on the link to supposedly view their challan, the APK file installs malware that grants cybercriminals access to their WhatsApp accounts and mobile devices. This access is then exploited to steal highly sensitive personal and financial data including passwords, contact lists, IDs, and banking credentials—leading to potential identity theft and massive financial losses.

Mohit Chawla, Deputy Inspector General (DIG) of the State CID Cybercrime unit, confirmed that this scam is spreading rapidly and poses a serious threat. “This is a new method of digital fraud. Fraudsters are fooling people by sending fake messages that appear official, tricking them into clicking harmful links. Once access is gained, the damage can be severe,” he warned.

He urged the public to remain vigilant, avoid clicking on suspicious or unknown links, and never download APK files from unofficial or unverified sources. He emphasized the importance of verifying any challan or government-related message directly from official websites or apps.

DIG Chawla further appealed to citizens to immediately report any instance of cyber fraud to the dedicated toll-free cybercrime helpline 1930 for swift action and resolution. Public awareness and caution, he said, remain the best defence against such evolving digital threats.

Himachal Tribune