In March 2026, Vinay in Hyderabad received a WhatsApp PDF from an unknown +91 number titled “Traffic-Challan-TG09EH4521.pdf” demanding ₹2,500 for “no helmet, signal jump on 14 Feb 2026” with a payment link ending in .xyz and an “Install Vahan App.apk” attachment. He had not been on the road that day. The instant verification rule for any e-challan in India is this: a real challan only ever lives at https://echallan.parivahan.gov.in or your state transport portal, never inside a PDF or APK on WhatsApp. Do not click the link, do not install the APK, and do not pay. Verify the challan number directly on the government portal in 60 seconds, then report the scam to the National Cyber Crime helpline 1930 within 24 hours so any debited money can still be frozen.
🟡 Citizen tip , Most weekend complaints fail not because the law is weak but because evidence gets lost in the first hour. Photograph everything before you call any helpline.
🟡 Trust signal , Bharatiya Sakshya Adhiniyam 2023 Section 63 admits screenshots and email as primary electronic evidence when forwarded to your own email with timestamp preserved.
The single fastest route is the National Cyber Crime Reporting Portal at https://cybercrime.gov.in or its phone helpline 1930, which is available 24×7 in 11 languages and is run by the Indian Cybercrime Coordination Centre (I4C) under the Ministry of Home Affairs. If money was actually debited, 1930 triggers an automated lien-marking request to your bank under the RBI 2017 Master Direction on Limited Liability of Customers, and funds parked in mule accounts can be frozen within 4 hours. In parallel, report the URL or phishing domain to CERT-In at [email protected] or https://www.cyberswachhtakendra.gov.in for technical takedown under IT Act 2000 §70B. For the WhatsApp number, also file an in-app report so Meta can suspend it under WhatsApp's Acceptable Use policy.
🟡 Most citizens miss this , Consumer court fee starts at ₹100. e-Daakhil online filing needs no lawyer. Median resolution 6 to 12 months.
Tier 1 (in-platform, hour 0 to hour 24): Block and report the WhatsApp number, screenshot everything, run https://echallan.parivahan.gov.in and your state portal to confirm no real challan exists, alert family on the same WhatsApp group.
Tier 2 (regulator and helpline, hour 24 to day 7): File on https://cybercrime.gov.in, call 1930 (especially if any payment was made), email CERT-In, and file a separate ticket on https://pgportal.gov.in (CPGRAMS) tagged to Ministry of Road Transport and Highways for “fraudulent impersonation of e-challan system”.
Tier 3 (FIR and prosecution, day 8 onwards): File a written FIR under BNS 2024 §318 (cheating by personation), §319 (cheating by personation using electronic means), §336 (forgery), read with Information Technology Act 2000 §66C (identity theft) and §66D (cheating by personation using computer resource). For the link itself, request CERT-In to issue a §70B blocking direction.
To: [email protected] CC: [email protected] Subject: Fake e-challan WhatsApp scam, number +91[XXXXXXXXXX], IT Act 66D + BNS 318, request for takedown and FIR Sir / Madam, I, [Name], aged [Age], resident of [Full Address], wish to report a phishing attempt by impersonation of the Government e-challan system. On [Date] at [Time], I received a WhatsApp message from +91[XXXXXXXXXX] containing a PDF titled "[Filename]" and a payment link "https://[suspicious URL]". The message claimed a traffic challan of ₹[Amount] was due against my vehicle [Reg No.]. On verification at https://echallan.parivahan.gov.in no such challan exists for my vehicle. The act constitutes: 1. Cheating by personation under BNS 2024 §319. 2. Forgery of electronic record under BNS 2024 §336. 3. Identity theft under Information Technology Act 2000 §66C. 4. Cheating by personation by use of computer resource under §66D. 5. Phishing in violation of Information Technology Rules 2021 Rule 3(1)(b)(ii). I request: (a) Registration of FIR. (b) Direction to the telecom service provider for KYC details of the sender number under IT Act §69B. (c) Blocking of the URL https://[suspicious URL] under IT Act §70B. (d) Lien-marking of beneficiary account [if payment made: UTR No., Amount, Beneficiary Name] under RBI Master Direction on Limited Liability 2017. All evidence is enclosed: WhatsApp screenshot, PDF file, URL scan report. Yours faithfully, [Name] [Phone] | [Email] [Date]
To, The Public Information Officer, Ministry of Road Transport and Highways, Transport Bhawan, 1 Sansad Marg, New Delhi 110001. Subject: Application under Section 6(1) of the Right to Information Act 2005 Sir / Madam, Kindly furnish the following information regarding fake e-challan phishing scams targeting Indian citizens: 1. Total number of fake e-challan scam complaints received by the Ministry, NIC, or echallan.parivahan.gov.in helpdesk during financial years 2024-25 and 2025-26. 2. The standard operating procedure issued, if any, to State Transport Departments for warning citizens against fake WhatsApp e-challans. 3. List of all advisories or press releases issued on this subject in the last 24 months, with copies. 4. Action taken on the URL https://[suspicious URL] reported via complaint reference [NCRP docket no.], including any §70B blocking direction issued via CERT-In. 5. Whether the parivahan.gov.in portal is integrated with WhatsApp Business API for genuine challan delivery, and if so the official sender ID. Application fee of ₹10 enclosed via IPO / e-payment. I am an Indian citizen seeking the information in personal capacity. Yours faithfully, [Name] [Address] [Phone] | [Email] [Date]
A pure phishing scam where you did not pay anything is primarily a criminal matter, not a consumer matter, so the FIR + 1930 route is the one that delivers. However, if the fraud succeeded and your bank delayed reversal of an unauthorised debit beyond the 10-day window mandated by RBI's Master Direction on Limited Liability of Customers (RBI/2017-18/15), you have a parallel consumer claim against the bank for deficiency in service under Consumer Protection Act 2019 §2(11). District Consumer Commission jurisdiction applies up to ₹50 lakh, filing fee is ₹100 to ₹500, e-Daakhil at https://edaakhil.nic.in is fully online, and the typical timeline is 6 to 12 months. The Supreme Court in Avtar Singh v. State of Punjab (2017) 8 SCC 471 affirmed that electronic-record offences under the IT Act are cognisable, and Shreya Singhal v. Union of India (2015) 5 SCC 1 confirms intermediary obligations under §79 of the IT Act.
🟡 Do this immediately , Disable UPI auto-debit and reduce per-transaction limit to ₹1 the moment a financial dispute opens. Restoring later takes 24 hours; preventing further loss takes 30 seconds.
Login to RTI Wiki to download the printable PDF checklist (8-step printable summary) for this article.
Open https://echallan.parivahan.gov.in, enter your vehicle number or driving licence number with the CAPTCHA, and the portal lists every genuine challan against you nationwide. Most state police forces also run their own portals, e.g. Delhi at https://traffic.delhipolice.gov.in. Real challans never come as a PDF or APK on WhatsApp.
The risk is that the link may have been a credential-harvesting page or may have triggered a silent APK download. Immediately disconnect the phone from Wi-Fi and mobile data, run an antivirus scan (Lookout, Bitdefender, Kaspersky), check Settings then Apps for any unfamiliar app installed in the last 24 hours, and change your UPI PIN, banking password, and Gmail password from a different trusted device.
Power the phone off, take it to an authorised service centre for a factory reset, do not just delete the app because banking-trojan APKs install hidden services. Call 1930 immediately for any UPI or banking debit alerts, freeze your debit card via netbanking, and file an NCRP complaint citing IT Act 2000 §66 and §66D. Avnish Bajaj v. State (2008) 150 DLT 769 establishes intermediary liability for hosting malicious files.
You cannot trace it directly, but the police can. Once you file an FIR or NCRP complaint, the investigating officer can issue a notice under Bharatiya Nagarik Suraksha Sanhita 2024 §94 (formerly CrPC §91) to the telecom service provider for the KYC details linked to that mobile number. WhatsApp itself only stores message metadata, not content, but the phone number's KYC is with the telco.
If you report the unauthorised transaction to your bank within 3 working days, RBI's 2017 Master Direction on Limited Liability fixes your liability at zero. Between 4 and 7 days, liability is capped at ₹5,000 to ₹25,000 depending on account type. Beyond 7 days, the bank's board-approved policy applies. Always file a parallel NCRP complaint and call 1930 within 4 hours for fund-freeze.
BNS 2024 §318 is plain cheating, §319 is cheating by personation (pretending to be someone else, like the traffic police), and IT Act 2000 §66D is cheating by personation using a computer resource (PDF, link, app). The same act of sending a fake e-challan PDF can attract all three sections together, with §66D carrying up to 3 years imprisonment plus fine.
No. Do not reply, do not say “stop”, do not type “wrong number”, do not call back. Any response confirms your number is active and gets you sold to other scam farms. Long-press the chat in WhatsApp, tap “Report and Block”, which silently sends the last five messages to Meta's Trust and Safety team and removes the chat from your view.
The fake e-challan WhatsApp scam is the 2026 successor to the fake courier and fake bank-KYC frauds, and it works because Indians have been trained over a decade to take government dues seriously. Citizen Crisis Response Network's playbook is built for exactly this moment: pause for 60 seconds, verify on https://echallan.parivahan.gov.in, and dial 1930 if anything has already gone wrong. RTI Wiki's editorial team tracks every new scam variant and updates this guide as the URLs and APK names mutate. Share this article in every family WhatsApp group. The forwarded message that warns is the one that protects.