During the first week of January 2026, citizens in Kosovo reported receiving messages claiming to be from the “Kosovo Traffic Authorities” containing instructions to pay a traffic fine via attached links and provide personal information.

The Kosovo Police issued a warning on January 7, stating that the messages are scams: “Citizens are receiving messages claiming they have received traffic fines. These messages contain fraudulent links and are intended to mislead the public.”

The messages claim that recipients have committed a traffic violation and demand payment through a link, warning that, “failure to pay will result in additional legal measures.”

“The Kosovo Police have not sent any such messages and urge citizens not to click on any suspicious links, provide personal or bank card information, or make any payment through these links, and to immediately delete the fraudulent messages,” the police statement also indicated.

Cybersecurity expert Kastriot Fetahaj called the campaign a classic smishing (SMS phishing) attack. 

“Attackers impersonate authorities [e.g., traffic police] to pressure citizens into clicking a link and submitting personal or payment data,” he told Prishtina Insight.

He further noted that the likelihood of people falling for it is high because the “message is in the local language, uses a believable trigger [a traffic fine], creates urgency and fear [legal measures if not paid], and includes an official-looking link.”

Fetahaj emphasised that there are strong warning signs in the message that show it is a scam, like the fact that the message comes from an unknown email address rather than an official one.

Moreover, he explained that the link attached to the message uses “words like ‘gov’ or ‘ekosova’,” to appear legitimate although “the domain itself is not an official government domain.”

“If a victim enters their bank card details, it can lead to immediate unauthorised transactions. If they enter personal identifiers, it can enable identity fraud, account takeover attempts, SIM-swap/social engineering, and future targeted scams,” Fetahaj said, adding that, “once someone engages, they are often targeted again.”

This is not the first time Kosovo authorities have warned citizens about fake messages. In October 2025, phishing emails were sent in the name of the Police, and in December 2025, similar messages were sent in the name of the Post of Kosovo.

Fetahaj also shared tips on how to protect from such messages: “Do not click on links in unexpected fine/payment messages; check the sender and domain; treat unknown or unusual domains as suspicious; never provide card or personal information through message links; report suspicious messages as spam and block the sender; if you have already entered your data, contact your bank immediately and change your passwords.”