Beware of the e-challan scam: you may be cheated while paying; how to avoid this online fraud

E-challan scam: A complex Android malware application is targeting Indian users through social media. Attackers based abroad are exploiting the worry that traffic violations cause in India. Here is how to avoid this online fraud.

A complex Android malware application disguised as an e-challan is attacking Indian users over social media, according to a report by cyber security firm CloudSEK. Attackers based abroad are exploiting the worry that traffic violations cause in India. They send fake e-challan messages in the name of legitimate authorities such as the Transport Service or Karnataka Police.

Vietnamese hackers are running this scam over the messaging app WhatsApp. The modus operandi is to lure users into downloading a malware app that imitates a genuine application. When a user clicks the link in the WhatsApp message, the download of the malware, which belongs to the "Wromba" family, begins. Once downloaded, the app asks for a number of permissions. These include access to contacts, phone calls and SMS messages, and the ability to become the default messaging app.

Once this access is obtained, the malware can easily steal other personal information and enable financial fraud. By reading one-time passwords (OTPs) and other sensitive messages, the attackers can access victims' e-commerce accounts. They then use this access to buy gift cards and redeem them anonymously, which makes the fraudulent transactions hard to trace.

CloudSEK researchers estimate that just one fraudster has infected over 4400 devices with this malware, with fraudulent transactions of more than Rs 16 lakh. The malware also automatically extracts the contacts from the user's phonebook so that they can be targeted in further scams. It also forwards SMS messages, which the attackers can use to get past two-factor authentication and launch a variety of attacks on financial applications.

The report also points out that the attackers use proxy IPs to avoid exposure and keep a very low transaction profile. According to the report, Gujarat is the most affected region in India by number of victims, followed by Karnataka.

CloudSEK recommends a few security measures that can help protect you against this malware. First, install apps only from trusted sources such as the Google Play Store. Second, be careful about the permissions you grant to apps, and check from time to time that they match the app's function. Third, update your operating system and security software regularly so that new security patches are installed. Finally, switch on alerts for banking and other sensitive services.