Share
PHISHING / INDIA

Fake e-Challan website scam in India: the traffic fine that steals your card

A message says you have a pending traffic challan and to pay it online now. The link opens a page that looks exactly like the government e-Challan portal, the same emblem, the same MoRTH and NIC logos, a small fine of about Rs 1,000. Then it asks for your card. The moment you type the number, it is gone. Here is how to know the site is fake before you enter a single digit, and the one address that is actually real.

SafeBrowz Threat Research

Verdict: scam

Fake e-Challan websites like echallan.cyou, parivahan.eu.cc and aechallan.qpon are not government sites. They copy India's official traffic-fine portal to steal your debit and credit card details. The only real e-Challan site in India is echallan.parivahan.gov.in, run by the Ministry of Road Transport and Highways. No genuine challan is ever paid on a .cyou, .eu.cc or similar throwaway address. There is one tell that gives these fakes away: a real government payment page lets you pay by UPI or net banking, while these scam pages funnel everything to a card, because card numbers can be resold and reused while UPI is instantly traceable. Some fakes hide UPI and net banking so a card is the only option; others show those buttons but rig them to fail and push you back to the card form. Either way, if the only payment that actually goes through is a card, the page is harvesting it, not collecting a fine. If a message says you owe a traffic fine, do not tap the link. Type echallan.parivahan.gov.in yourself and look up your vehicle number. If you already entered your card on one of these pages, call your bank to block it now and report at 1930 or cybercrime.gov.in.

How the message reaches you

It almost always starts as an SMS or a WhatsApp message, and the wording barely changes because it works on anyone who owns a vehicle. A typical version reads: "Your vehicle has a pending e-challan of Rs 1,000 for a traffic violation. Pay immediately to avoid legal action" followed by a link. The amount is small on purpose, usually somewhere between Rs 500 and Rs 1,000, large enough to seem real and small enough that paying it feels quicker than arguing. The threat of "legal action" or a doubling penalty is there to make you hurry past the one question that matters: is this link actually the government.

Genuine transport-department alerts come from a verified sender ID such as VM-PARIVAHAN, never from a random 10-digit mobile number or an international one, and never as a WhatsApp forward. If the sender is a personal number and the link is anything other than the official portal, you already have your answer.

The site is a pixel-perfect clone

Tap the link and the page that opens is a careful copy of the real thing. It carries the Government of India emblem, the "eChallan - Digital Traffic and Transport Enforcement Solution" heading, the MoRTH line, and even a footer crediting the National Informatics Centre with a helpdesk email and phone number. There is a "Challan Details" box where you enter a challan number, vehicle number or driving-licence number and press Get Detail. Whatever you type, it finds a fine. That is the trick: the fake portal flags every vehicle, because the fine is not real, it is just the bait to get you to the payment page.

The tell that gives it away: it only wants your card

This is the single most reliable way to spot the fraud, and it is worth burning into memory. After the fake challan, you land on a payment page headed with the same government branding, a "Payment Summary" showing a challan number and "Total Payable Amount: INR 1000.00", and then a form that asks for your card: name on card, card number, expiry and CVV, with Visa, Mastercard and other logos underneath.

What matters is which payment method actually completes. The real echallan.parivahan.gov.in flow lets you pay by UPI, net banking or card. The scam is built to capture the card, because a card number, expiry and CVV can be resold, reused on other sites, or run for an international transaction, while a UPI payment is instantly traceable back to the fraudster's account. Some of these fake pages simply leave out UPI and net banking so a card is the only option. Others show those buttons but rig them to fail with an error, steering you back to the card form. So watch what goes through: if the only method that works is a card, you are not on a government portal, you are on a harvesting page.

The "try another card" trap

Enter a card and many of these pages do not say thank you. They show an error along the lines of "This card does not support this transaction, please try another card." That message is deliberate. It is not a real failure. It is a harvesting loop, designed to make one worried victim enter a second card, then a third, handing the operator several live card numbers from a single visit. If a payment page keeps rejecting cards and asking for another, stop. A real gateway does not collect three of your cards to settle one Rs 1,000 fine.

What it costs the people who fall for it

The loss is rarely the Rs 1,000 on the screen. Once the card details are captured, the fraudsters run their own charges. In one Hyderabad case reported in the press, a resident acted on a Rs 500 fake challan, entered card details on the payment page, and within minutes an international transaction of about 6,900 euros, roughly Rs 6 lakh, was drained from the card. This is not a lone site either. Threat-intelligence firm Cyble has reported more than 36 fake domains impersonating the RTO e-Challan portal in a single coordinated campaign, so the same kit is being spun up under new addresses again and again.

๐Ÿ›ก LIVE CHECK

Check that "pay your challan" link before you open it

Got a link in a traffic-challan message and not sure where it leads? Paste it below before you open it and before you enter a single card detail. Our 3-layer engine (Local + APIs + AI) returns a verdict in about 3 seconds. Free, no signup.

Full scan with deep AI analysis โ†’ ยท No URL is logged to your identity.

The fake domains reported, and the one real site

Here are examples of the fake e-Challan addresses this campaign uses. Each one clones the government portal and pushes the card-harvesting payment page. SafeBrowz has added them to its blocklist, so a scan of any returns danger, and they are worth reading so you recognise the pattern:

  • echallan.cyou - a government service name on a cheap throwaway TLD.
  • parivahan.eu.cc - the exact "parivahan" brand parked on a free subdomain service, nothing to do with the government.
  • aechallan.qpon - a near-miss spelling of "echallan" on an unrelated TLD.

The only address that is real is echallan.parivahan.gov.in. A genuine government service in India sits on a .gov.in domain. If the link ends in .cyou, .eu.cc, .in, .co, .xyz, or is a shortened link, it is not the transport department, no matter how perfect the page looks. Scammers change these domains constantly, so do not rely on memorising a blocklist. Rely on the rule: real challans live only at echallan.parivahan.gov.in.

How to check whether you actually have a challan

Ignore the link entirely and go to the source. Type echallan.parivahan.gov.in into your browser yourself, open the "Check Challan Status" or accused-challan page, and enter your vehicle registration number. If a challan is genuinely pending, you will see it there, and you can pay it there with UPI or net banking. If nothing shows up, the message was a lie. You can also use the official Parivahan app downloaded by you from the Google Play Store, or your state transport department's verified website. That is the entire list of safe ways to check. A link in a text message is not on it.

Red flags of the fake e-Challan website

  • The link is not echallan.parivahan.gov.in. India's government services live on .gov.in, so an e-Challan on a .cyou, .eu.cc, .xyz, a plain .in or .co lookalike, or a shortened link, is not the transport department. The domain is the single clearest tell.
  • A card is the only payment that goes through. UPI and net banking are missing, or they are shown but rigged to fail, leaving a card as the only option. A genuine government portal lets UPI and net banking work; a page that only completes on a card is harvesting it.
  • It came by SMS or WhatsApp from a personal number. Not the verified VM-PARIVAHAN sender ID.
  • It pressures you. "Pay now to avoid legal action" or "before the fine doubles tonight" is manufactured urgency to stop you checking.
  • Every vehicle number shows a fine. The fake portal flags everyone, because the challan is invented.
  • It keeps rejecting your card and asking for another. That "try another card" loop is a harvesting trick, not a real error.
  • It asks for card details it does not need. On a fake page the whole point is the card number, expiry and CVV.

If you already entered your card

  1. Block the card immediately. Call your bank's fraud line or freeze the card in your banking app right away, before the fraudsters run a charge. Speed matters most here.
  2. Report to the national cybercrime helpline. Call 1930 or file at cybercrime.gov.in. Reporting inside the golden hour gives the best chance of freezing a transaction before the money leaves.
  3. Watch for and dispute any charge. Check your statement, raise a chargeback or fraud dispute with your bank for anything you did not make, and ask them to reissue the card.
  4. Report the sender. Flag the SMS, call or WhatsApp message through the Chakshu service on the sancharsaathi.gov.in portal so the number can be acted on.
  5. Turn on card controls. Enable transaction alerts, and where your bank allows it, keep international and online usage switched off until you need them. Our what to do after a scam guide has the full recovery sequence.

How SafeBrowz blocks this threat

SafeBrowz runs a 3-layer detection architecture: Local + APIs + AI.

  • Layer 1 - Local detection: 60+ URL pattern signatures plus a 550+ brand database that includes Indian government and transport brands, plus homograph and Punycode checks, all running inside the extension before the page renders. A "parivahan" or "echallan" name sitting on a throwaway domain like .cyou or a free .eu.cc subdomain is exactly the kind of lookalike this layer flags.
  • Layer 2 - API checks: aggregates Google Safe Browsing, PhishTank, URLhaus and ScamAdviser feeds plus 30+ scam-TLD lists to flag domains already reported as malicious. The three domains named in this report were added to our blocklist, so a scan of any of them now returns danger.
  • Layer 3 - AI deep scan (Premium): 100+ language content analysis catches a brand-new fake e-Challan page in seconds, including a fresh copy of the Parivahan portal that no blocklist has seen yet, by reading the page the way a person would and spotting the government impersonation and the card-only payment form.

Honest scope: SafeBrowz checks the link, so a fake challan-payment page is flagged before it loads and before you can type a card into it. What it cannot do is undo a card you have already entered, so the human rules still matter most: the only real portal is echallan.parivahan.gov.in, and a challan page that will only take a card is a scam. SafeBrowz catches the link, you catch the message.

Detection signatures are derived from threat-intelligence research and our internal brand database, not from user browsing data. SafeBrowz does not store per-user browsing history.

There is also a fake e-Challan app version

The card-stealing website is one of two shapes this scam takes. The other sends you an Android app to install instead of a payment page, and that file is a banking trojan that reads your SMS, steals the OTP your bank sends, and drains your account through UPI. Same lure, different weapon. If your message pushes an app or an .apk file rather than a payment page, read our companion guide on the fake RTO e-Challan APK banking trojan. Either way, the defence is the same: a real challan is never a link in a text, an app to sideload, or a card-only payment page, and it lives only at echallan.parivahan.gov.in.

Install SafeBrowz free

Add the browser extension, or the SafeBrowz Android app, that runs every check in this article automatically, on every page, before it renders. Free forever, with optional Premium AI deep scan at $14.99 per year.

Chrome Add to Chrome Firefox Add to Firefox Edge Add to Edge Google Play Get it on Google Play

See pricing and Premium features

Frequently asked questions

Is echallan.cyou or parivahan.eu.cc a real government e-Challan site?

No. echallan.cyou, parivahan.eu.cc and aechallan.qpon are fake e-Challan websites. They copy India's official traffic-fine portal to steal your debit and credit card details, and they are on the SafeBrowz blocklist. The only real government e-Challan site is echallan.parivahan.gov.in. A genuine government service in India uses a .gov.in domain, never .cyou, .eu.cc, .xyz or a shortened link.

What is the only official e-Challan website in India?

The one official portal is echallan.parivahan.gov.in, run by the Ministry of Road Transport and Highways. Type it into your browser yourself and look up your vehicle number to check for a real challan, or use the official Parivahan app from the Google Play Store, or your state transport department's verified website. Never check or pay through a link in an SMS or WhatsApp message.

Why does the fake e-Challan page push me to pay by card and not UPI?

Because the goal is to steal your card, not collect a fine. Card number, expiry and CVV can be resold or reused on other sites and for international transactions, while a UPI payment is instantly traceable back to the fraudster's account. The real echallan.parivahan.gov.in lets you pay by UPI, net banking or card. So if a challan page steers everything to a card, whether by leaving out UPI and net banking or by showing them and letting them fail, it is a scam harvesting your card.

I entered my card on a fake e-Challan site. What should I do?

Act immediately. Block or freeze the card through your bank's app or fraud line before any charge is run. Report to the national cybercrime helpline by calling 1930 or filing at cybercrime.gov.in, ideally within the golden hour for the best chance of freezing the money. Dispute any transaction you did not make, ask the bank to reissue the card, and report the sender through the Chakshu service on sancharsaathi.gov.in.

How do I check if I really have a pending traffic challan?

Go to echallan.parivahan.gov.in, typed into your browser yourself, open the check-challan page and enter your vehicle registration number. If a challan is genuine it appears there and you can pay it with UPI or net banking. If nothing shows, the message was fake. You can also use the official Parivahan app from the Google Play Store. A government department never sends a challan as a link in a text, an app to install, or a card-only payment page.

Related reading

Bottom line: A message about a pending traffic challan that links you to a payment page is a scam, not an RTO notice. Fake sites like echallan.cyou and parivahan.eu.cc clone the government portal and steal your card, and the giveaway is that they only accept a card, never UPI. The one real address is echallan.parivahan.gov.in. Never pay from a link, check your challan there yourself, report a scam at cybercrime.gov.in or 1930, and keep SafeBrowz on your browser so a fake challan-payment page is flagged before you can type a card into it.