Millions of Indian vehicle owners targeted in browser-based e-Challan phishing scam

A sophisticated new phishing campaign targeting Indian vehicle owners marks a troubling evolution in cybercrime, shifting decisively from malware-driven attacks to low-friction, browser-based fraud. According to fresh findings from Cyble Research and Intelligence Labs, attackers are now exploiting public trust in Regional Transport Office (RTO) services through more than 36 fake e-Challan domains—many of which remain active—making this one of the most persistent and scalable fraud operations seen in recent months.

The campaign relies on realism rather than technical complexity. Victims receive SMS messages warning of overdue traffic fines, often accompanied by threats of licence suspension, court summons, or legal action. These messages contain shortened links that redirect users to professionally cloned government portals, complete with MoRTH branding and NIC-style insignia. Once there, the fraud unfolds entirely within the browser, requiring no app downloads or malware installation—dramatically widening the potential victim base.

Investigators say ...