Cybercrime Southeast Europe Newsletter No. 106
Fake Traffic Fine Text Messages – New Phishing Campaign in Serbia
Dear Clients,
The Ministry of Internal Affairs of the Republic of Serbia has recently warned citizens about a new campaign involving fraudulent SMS and iMessage messages in which the senders falsely present themselves as representatives of the Traffic Police Administration.
These messages typically inform recipients that they allegedly have an unpaid traffic fine, that they must review evidence of a traffic violation, or that they need to pay a penalty through a link provided in the message. At first glance, such messages may appear convincing, particularly because they reference government authorities, traffic offenses, and legal payment obligations.
However, the Ministry of Internal Affairs has clearly stated that neither the Ministry nor the Traffic Police Administration sends notifications regarding traffic violations via SMS or iMessage, nor do they request payment of fines through such messages.
Official notifications concerning traffic offenses are delivered exclusively through regular mail or via the government’s eGovernment portal, in accordance with applicable laws and official procedures.
This type of scam is a classic example of phishing, a method used by cybercriminals to trick individuals into opening fraudulent websites and entering personal information, passwords, payment card details, or other sensitive data.
What makes these scams particularly dangerous is the misuse of the names of government institutions. When a message appears to come from the police or another official authority, recipients often feel pressured to act quickly out of fear of missing a deadline, facing additional penalties, or experiencing other legal consequences. Cybercriminals deliberately exploit this sense of urgency.
One of the key warning signs is that such messages often originate from foreign telephone numbers or accounts that have no connection to any government institution. In addition, the internet links included in the messages frequently direct users to websites whose domain names do not belong to official government services.
The Ministry also reported that the Service for Combating High-Tech Crime had previously identified and arrested citizens of the People’s Republic of China who were operating similar phishing campaigns from within Serbia using specialized equipment capable of sending large volumes of fraudulent SMS messages. According to the authorities, the current campaign represents a new iteration of the same type of fraud, with messages now primarily being distributed from foreign-registered numbers.
Citizens are advised not to open suspicious links, not to enter personal information, passwords, or payment card details on unknown websites, and to carefully verify whether an internet address genuinely belongs to an official institution before interacting with it.
Individuals who receive such messages are encouraged to report them through Serbia’s National Cybercrime Reporting Platform, “Sajber straža.” Through this platform, users can submit suspicious messages, websites, or other content for review and receive an expert assessment of potential risks.
This case serves as a reminder that modern cybercrime often does not begin with sophisticated hacking techniques. Instead, it frequently starts with a simple message that appears credible enough to convince someone to take a single wrong step.
For this reason, it is important to remember a basic rule: whenever a message demands an urgent payment, asks you to click a link, or requests sensitive information—especially when it claims to come from a government authority—you should verify its authenticity through official channels before taking any action.
Your DefendMe Team