Fake E-Challan App Scam in Gujarat Swindles Victims Out of ₹5.77 Lakh
, Bhavnagar Rakesh Fofariya, a 38-year-old resident of Bhavnagar, lost ₹5.77 lakh in a startling cyber fraud case when his son unintentionally downloaded a phony traffic e-challan app from a WhatsApp message. The scam, which was carried out using the "TRAFFIC CHALLAN 500.APK" APK file, is a part of an increasing number of scams that target citizens by using phony government applications.
August 5, 2025, Bhavnagar Rakesh Fofariya, a 38-year-old resident of Bhavnagar, lost ₹5.77 lakh in a startling cyber fraud case when his son unintentionally downloaded a phony traffic e-challan app from a WhatsApp message. The scam, which was carried out using the “TRAFFIC CHALLAN 500.APK” APK file, is a part of an increasing number of scams that target citizens by using phony government applications.
What took place?
A WhatsApp message purporting to be from traffic authorities was sent to Fofariya’s young son on July 7. An APK file imitating a government e-challan app was included. He put the app on his father’s phone, believing what it looked like.
The phone started getting a barrage of OTP messages shortly after installation. Fofariya soon received phony challan notifications and messages regarding loans totaling ₹2.63 lakh and ₹2.68 lakh, for which he had never submitted an application. He was alarmed to discover that fraudulent loans and unapproved transactions had siphoned off ₹5.77 lakh from his bank account.
How the Fraud Operated
Once installed, the fraudulent app surreptitiously collected private data, such as banking credentials and OTPs, according to the Bhavnagar Cyber Crime Police. These details were used by the scammers to:
Take out quick online loans in the victim’s name.
Access and withdraw money from linked bank accounts.
Use apps and internet platforms to transfer funds to mule accounts.
The scam took advantage of people’s lack of technical knowledge about the dangers of APK files and their faith in official websites.
What Steps Were Taken?
Fofariya immediately complained to the Bhavnagar Cyber Police, who then filed a formal complaint (FIR) in accordance with the pertinent provisions of the Indian Penal Code and the Information Technology Act. Officials are tracking the origin of the APK file and WhatsApp numbers used in the scam as part of a digital investigation.
According to cyber experts, the attack might be connected to a larger syndicate that uses cloned domains and apps to distribute phony e-challan messages throughout India by posing as traffic authorities like mParivahan and Parivahan Sewa.
A Concerning Pattern
This instance fits into a broader trend of scams involving APKs. Similar scams have been reported in the past from other Indian cities, such as Bengaluru and Nagpur, where users’ accounts were drained using phony traffic challan links. Numerous advisories regarding malicious APK files shared on Telegram and WhatsApp have already been issued by the Gujarat Cyber Cell.
Police and Cybersecurity Guidance
The following safety measures are recommended for citizens:
Installing APK files from unidentified or unofficial sources is not advised.
Use only apps that have been verified by the Apple App Store or Google Play Store.
Visit echallan.parivahan.gov.in to double-check the challan details.
Never give out OTPs or private banking information over the phone or through apps.
You can report financial frauds and suspicious messages by calling 1930 or visiting cybercrime.gov.in.
In conclusion
The Gujarat Bhavnagar scam is a clear reminder that cybercrime is constantly changing and that even minor errors, such as installing the incorrect app, can result in enormous financial losses. In fight against cybercrime, being vigilant, being digitally literate, and using verified platforms are more important than ever.
