A new WhatsApp scam is circulating APK files named like “RTO E-Challan.apk” or “MParivahan.apk.” They look official but carry malware that can steal data, hijack WhatsApp and spread itself by forwarding to your contacts.
What’s The Scam?
Fraudsters send a message that looks like an official RTO challan notice or ‘mParivahan’ with an APK attachment. You receive this message (often from a number you don’t know). As soon as you click to download and install the file, it installs malware on Android devices.
Once installed, the malware runs with device permissions and can read data, send messages, and change settings. The malicious app can exfiltrate sensitive data, harvest your banking information, take control of WhatsApp and auto-forward the same malicious file to your contacts.
Because the message may be forwarded by people you know (whose accounts are already compromised), it looks more trustworthy and spreads quickly.
In some cases, victims have reported that their WhatsApp accounts were banned after the malware was installed on their devices.
What To Avoid
- Do not download or install APK files sent via WhatsApp or SMS. Legit government apps (e.g., mParivahan) are available only through official app stores or government portals. They will not be pushed as APK files through WhatsApp.
- Don’t click suspicious links in messages; don’t forward the message to others.
- Only install apps from official app stores like Google Play or the vendor’s verified site.
- Keep OS and apps updated; enable Google Play Protect and use a reputable mobile security app.
Immediate steps if you clicked or installed
- Disconnect from the internet (turn off Wi-Fi & mobile data) to limit the malware’s activity.
- Uninstall the app via phone settings (if possible) and run a full antivirus/antimalware scan.
- Change passwords for sensitive accounts (email, banking) from a clean device.
- Report and block the sender on WhatsApp, and warn contacts if your account begins sending the file.
- If you come across a suspicious order notification or message, don’t panic. Send it to BOOM’s Tipline (7700906588) and we’ll verify it for you.