Mumbai Cyber Cell Busts Fake RTO Challan APK Scam, Surat Businessman Arrested

Mumbai Cyber Police have arrested a Surat-based businessman accused of running a sophisticated fake RTO challan scam that preyed on motorists’ fear of penalties and licence suspension. The operation, carried out in late December, exposed how transport-themed malware is emerging as a serious threat in India’s rapidly digitising mobility ecosystem.

According to investigators, vehicle owners received SMS alerts warning of unpaid traffic fines. The messages urged recipients to act immediately to avoid vehicle seizure or licence cancellation. Clicking the link led users to download a malicious Android APK designed to closely resemble the official Parivahan portal.

Once installed, the app quietly gained access to banking credentials, intercepted OTPs and enabled screen overlays that mimicked genuine RTO payment pages. Victims, believing they were clearing legitimate fines, unknowingly authorised transfers that routed money through dozens of UPI mule accounts spread across Gujarat and Maharashtra.

The accused, identified as Alpesh Patel (38), allegedly distributed the malware through hundreds of WhatsApp groups and fake app listings hosted on cloned platforms. During searches at his Surat premises, cyber police seized multiple laptops, burner phones and cash, along with transaction records detailing payments disguised as challan settlements.

Investigators revealed that the scam peaked between October and December 2025, resulting in over 1,200 downloads and nearly ₹21 lakh siphoned from unsuspecting motorists. Digital forensics teams also uncovered evidence of interstate coordination and overseas money movement, prompting authorities to invoke provisions of the IT Act and money laundering laws.

Cyber experts warn that such scams thrive on panic-driven behaviour and poor verification habits. Just as businesses rely on structured financial oversight - such as bookkeeping services in india - individuals must apply the same discipline to digital transactions by verifying sources and avoiding unofficial apps.

Authorities have reiterated that traffic fines should only be checked and paid through verified government platforms like mParivahan or DigiLocker. Citizens are also urged to avoid sideloading APK files and to report suspicious messages immediately via the national cybercrime helpline.

The arrest signals a wider crackdown as cyber cells step up efforts to dismantle mule networks and malware distribution chains. As India’s transport systems become more digital, enforcement agencies say vigilance - not fear - remains the strongest defence.