The Reveal Platform
Intel Name: Rto scam wave continues: a surge in browser-based e-challan phishing and shared fraud infrastructure
Date of Scan: December 24, 2025
Impact: High
Summary: A renewed RTO/e-Challan phishing wave is actively targeting Indian vehicle owners through SMS-based lures that link to fake, browser-based portals mimicking official government services. Unlike earlier malware-driven campaigns, this activity relies solely on phishing, dynamically generating challan details and pushing victims toward card-only payments to facilitate financial fraud. Analysis shows shared hosting infrastructure supporting multiple government, BFSI, and logistics-themed scams, highlighting an ongoing, large-scale operation that exploits urgency and user trust despite browser security warnings.
