Fake DigiYatra Apps Steal Indian Financial Data

A new phishing scam is targeting Indian air travelers by pretending to be the trusted DigiYatra service. This fake website, digiyatra[.]in, looks like the real government-backed travel platform but is actually stealing personal and financial information from users.

The site mimics a genuine flight booking service, using professional design and SSL encryption to appear trustworthy. Visitors see a familiar travel booking page with flight search options and promises like “lowest fare guaranteed” and “easy booking process.”

But behind this facade, the site is capturing sensitive data such as names, phone numbers, emails, and possibly financial details, tricking users into thinking they’re using an official government service.

InfoSec Write-ups analysts found the malicious domain is part of an impersonation campaign active since July 2022. ThreatWatch360 researchers reported the site is hosted on IP 167[.]172[.]151[.]4 and uses a Let’s Encrypt SSL certificate to seem secure.

The domain is registered under the name Ali Sajil from Kerala, India, though this may be fake.

This phishing attack poses a serious risk to India’s digital services by damaging public trust and exposing users to identity theft and financial fraud. It comes at a time when digital travel services are growing in popularity, making the threat even more concerning.

How the Scam Works

The fake website uses advanced techniques to appear legitimate and collect user data. The domain name digiyatra[.]in was chosen to match the real DigiYatra brand and trick users.

It uses an SSL certificate that includes both the main domain and an app subdomain (app.digiyatra.in), hinting at possible plans to fake a mobile app as well.

The site’s design closely copies real travel booking platforms but doesn’t actually process any bookings. Instead, it collects personal information, which may be sold on the dark web or used for future scams targeting Indian citizens.