Scammers in Sri Lanka are no longer just sending suspicious links. They are now building fake government websites, creating counterfeit mobile apps carrying official logos, and impersonating some of the country’s most trusted institutions. Three separate fraud operations have come to light within days of each other, and authorities are urging the public to act carefully before they click, download, or share anything.
Fake NIC registrations and a phishing website
The Department for Registration of Persons has warned the public not to provide personal information to suspicious callers or through fraudulent websites, specifically flagging a fake site at drpgov-lk.com, which is designed to resemble the department’s official portal. The department has reiterated that no registration is currently being conducted for an e-National Identity Card or any form of Digital Identity Card, and has called on the public to remain vigilant. The real DRP website is drp.gov.lk, and the only verified hotline number for NIC inquiries is 011 5226126, reachable on weekdays between 8.30 a.m. and 4.15 p.m. Any call or message outside those parameters, or through any other number, should be treated with caution.
The SriLankan Airlines banking trojan
This is arguably the most technically dangerous of the three. Fraudsters have been contacting people via WhatsApp, posing as SriLankan Airlines representatives, and directing them to download a mobile app named SriLankan.apk through three fraudulent websites: srilankan.wuozgo.cc, srilankan.vaco.cc, and srilankan.krgo.cc. Investigations revealed that the app functions as a banking trojan, granting remote access to mobile phones and exposing sensitive personal data, including OTPs, bank account details, and biometric authentication data such as fingerprints and facial recognition. The phone numbers 0774558361, 0117771979, 0741142208, 0775791209, and 0743268200 have been identified as being used in connection with the scam.
SriLankan Airlines has been clear: it does not contact customers via WhatsApp or make unsolicited calls for ticketing, promotions, or any other purpose, and will never request OTPs, banking PINs, credit card details, or ask customers to share their screens or install mobile applications. The airline first flagged this escalation on April 8, 2026. All legitimate communications from the airline go through www.srilankan.com or its verified social media channels.
A pattern that has been building
These incidents are not isolated. Sri Lanka Police have noted that individuals are increasingly being deceived into revealing confidential information including bank account details, usernames, passwords, OTPs, and QR codes, with fraudsters often operating under the guise of employment opportunities, investment schemes, or financial benefits.
The broader picture points to a fraud ecosystem that is becoming more organised and more convincing. The use of real government hotline numbers, official logos on fake apps, and airline branding on trojan software shows that these groups are investing time into making their operations look legitimate.
What to do right now
If you receive an unexpected call from anyone claiming to represent a government department or a well-known company, do not act on it immediately. Hang up and call the institution directly using a number you find on their official website. Do not download any app sent to you via WhatsApp or Telegram. Do not enter personal details on any website unless you have typed the address yourself and confirmed it is correct.
Anyone who believes they have been targeted can report the incident to the nearest police station or contact the Cyber Crimes Division of the CID. Sri Lanka CERT can also be reached at incidents@cert.gov.lk or by calling 101.
