Phishing scam targets Bengalureans as traffic fine rebate ends

As Bengaluru Police’s 50 per cent rebate on traffic violation penalties draws to a close, cybercriminals have launched a large-scale phishing campaign targeting unsuspecting smartphone users across the city. The scammers are sending alarming text messages about “unpaid traffic fines” in an attempt to steal bank details or force victims into installing malicious apps.

Cybercriminals are sending fake traffic fine alerts to Bengalureans as the penalty rebate period ends, prompting police to warn citizens against clicking links or sharing financial details.

Fraudsters exploit rebate deadline

Bengaluru Police announced a 50% rebate on pending traffic fines from November 21 to December 12, prompting thousands to clear their dues. But as the deadline neared, cyber fraudsters began circulating threatening messages urging users to “settle unpaid fines immediately” to avoid legal action.

Messages include lines such as:

• “Reminder: Unpaid traffic fine. Settle immediately to avoid additional fees or legal measures.”
• “Alert: Unpaid traffic fine notice. Clear dues now to prevent charges or legal action.”

These texts contain malicious URL links that lead to fake payment portals or prompt users to download APK files containing malware.

How the scam works

Threat actors rely on social engineering, using fear and urgency to push victims into revealing sensitive financial information. According to cybersecurity investigators, these fraudulent links lead to pages asking for debit/credit card details, net banking passwords, or UPI PINs.

Some links also trigger the download of malware-laced APK files, giving cybercriminals remote access to the victim’s device.
(See related: NK article on tech-enabled fraud prevention)

Phone numbers used in the phishing campaign — including +91 96126 33375 and +91 80189 11435 — appear to be registered under names such as Tarimchi Wak and Lusi Ngd, likely “mule accounts” purchased from villagers unaware of the misuse.

Bengaluru Police: ‘We do not seize vehicles immediately’

Police officials clarified that genuine fine information is available only through official platforms. They emphasised that enforcement officers do not threaten confiscation through SMS.

Citizens should verify dues through:

• BTP official website: https://btp.karnataka.gov.in
• Karnataka One: https://www.karnatakaone.gov.in
• BTP ASTraM app
• KarnatakaOne app

Officials warned that scammers are exploiting gaps in spam detection, as newly purchased numbers often bypass automated filters.

How to stay safe from phishing messages

Cyber experts shared key precautions for citizens:

1. Ignore suspicious messages

Government agencies never demand payments through links or ask for personal details over SMS or messenger apps.

2. Never install APK files

Avoid downloading apps from unfamiliar links or third-party sites. Always use official app stores.

3. Protect personal details

Do not share bank credentials, passwords, or OTPs online.

4. Keep devices updated

Install the latest software updates and security patches on phones and computers.

5. Use trusted antivirus apps

Enable safe-browsing features to detect dangerous websites.

What to do if you fall victim

If someone inadvertently shares their banking details or completes a fraudulent transaction, they must immediately call the national cybercrime helpline 1930. The Indian Cyber Crime Coordination Centre can often freeze mule accounts if notified within the first hour.

Cyber experts say timely reporting greatly increases the chance of recovering lost funds.