Imagine receiving a text message claiming that an artificial intelligence-powered traffic camera has caught your vehicle speeding.
The message includes a precise fine amount, an offence date and a strict deadline, warning of legal action if you do not pay immediately.
Fear and urgency kick in. Conveniently, the message also contains a website link for payment. If this happens to you, stop. It is a trap.
Following the recent introduction of automated traffic monitoring systems to detect violations in Dhaka, a highly organised group of cybercriminals has launched a widespread phishing campaign across Bangladesh.
The scammers are sending mass text messages containing fake traffic prosecution notices.
These messages redirect unsuspecting vehicle owners to fraudulent websites designed to resemble the official Bangladesh Road Transport Authority (BRTA) Service Portal. Once victims enter sensitive information, scammers can gain access to their bank accounts or mobile wallets.
"I barely use my car nowadays since the Metro Rail started operations," said Ataur Rahman, a private job holder.
"So when I received a text message out of the blue claiming I had a traffic violation, I was utterly surprised. Thankfully, I had already seen warnings about these fraudulent texts shared on various social media groups dedicated to traffic and car enthusiasts. Recognising the pattern, I refrained from clicking the link or interacting with the message at all."
Another car owner, Amzad Hossain Tohin, posted on Facebook, saying, "I just got a text from a phone number with dialing code of Philippines for over speeding. Later, I heard many of friends also got such scam messages. We all should be careful before clicking the links embedded with the fake case SMSs."
Both the BRTA and the Dhaka Metropolitan Police (DMP) have issued urgent warnings, clarifying that they never send SMS alerts containing payment links from personal or generic mobile numbers.
Official traffic fines under the Road Transport Act, 2018 are delivered through formal mail, signed by a technical unit officer and sent directly to the vehicle owner's registered address.
In rare cases where the DMP sends official SMS notices, they originate only from two designated numbers: 01320-042207 and 01320-042227.
Authorities have reminded the public that government agencies never request bank passwords, mobile financial service (MFS) PINs or one-time passwords (OTPs).
They advised anyone receiving suspicious messages not to click on embedded links or make payments without verification. Instead, recipients should contact official helplines or call the national emergency service at 999 to confirm whether a notice is genuine.
Officials have urged citizens to remain vigilant as cybercriminals increasingly exploit public awareness of new technologies and government services.
ASM Shamim Reza, managing director of The Team Phoenix Group, a cybersecurity ecosystem-building initiative, said, "Scammers are increasingly using fear and urgency to trick people into acting before they think. Any traffic fine notification received via SMS, email, or messaging apps should be treated with caution unless it comes through official government channels."
"Citizens should never click on links in unsolicited messages or enter banking, card, OTP, or mobile financial service credentials on websites reached through those links," he added.
Verify fines directly through official BRTA channels instead of using links sent in messages.
Check website addresses carefully. Scammers often use lookalike domains that closely resemble legitimate government portals.
Never share OTPs, card details, PINs or MFS credentials in response to a fine notification.
Be suspicious of messages that create urgency, threaten penalties or demand immediate payment.
If you suspect a scam attempt, report it to the relevant authorities. If you have already shared information, immediately contact your bank or MFS provider.
