A number of Fraudulent cases in India witnesses every day as cybercrime is growing even in small towns or remote areas.  According to a report by the National Crime Records Bureau (NCRB) for the year 2016, more than 50% of cybercrimes in India were traced to Jamtara (a small town in Jharkhand state). The government set up a cyber crime police station in Jamtara in 2017, but the menace continues. Recently, a Paytm customer from Mumbai lost 1.7 lakh in a KYC (know your customer) fraud case, and the kingpin of the fraud was alleged to be based out of Jamtara. Such frauds are typically conducted over phone calls, through messages, fraudulent apps, and email. 

Phishing emails claiming to be from the tax department are on the rise in a recent email campaign, the tax department sent email addresses, SMS source codes and URLs it uses to communicate

Many such cases are centered around the income tax department, wherein fraudsters send an email that looks like it has been sent from the department. Here’s the modus operandi and how to deal with it.

Modus Operandi

Indian Computer Emergency Response Team (CERT-In) is working as Operandi for Income tax fraud directly comes under the ministry of electronics and information technology. “A phishing and malware campaign is active since at least September 12 and is targeting individuals as well as financial organizations. The campaign involves fake emails purporting to be sent by the Indian Income Tax Department. Two variants of the email have been observed. The first variant includes an attachment with extension ‘.img’ which contains a malicious ‘.pif’ file. The second variant lures the users to download a malicious ‘.pif’ file hosted on a Sharepoint page via a link of fraudulent domain incometaxindia[.]info. This domain has now been disabled,” it stated. Once you download or click on these files, they modify or get access to the operating system you are using to steal information and data. In many cases, frauds directly send SMSes or emails through which they inform the recipient, that their income tax return has been processed and they are due to get a refund. In such cases, they ask for the account number to which the amount can be credited. Sometimes, fraudsters intentionally mention an incorrect bank account number and ask the recipient to verify the same or update it if it is wrong. The link usually leads to a phishing webpage that looks almost identical to the legitimate income tax department website. The recipient is asked to enter his bank-related and other details, which are easily stolen.

How to Avoid 

If you receive and identify a fraudulent email claiming to be from the income tax department, don’t click on any link or download any attachment. “If any taxpayer is duped by such emails or messages, he or she should immediately file a complaint with the IT cell of the police department. It would be helpful to keep all the related screenshots and bank references generated for the transfers so that the authorities have sufficient information to track the transaction,” said Sandeep Sehgal, director, tax and regulatory, Ashok Maheshwary and Associates LLP. If the email is related to income tax, forward the email or website URL to phishing@incometax.gov.in. A copy may also be forwarded to incident@cert-in.org.in to register a complaint with the IT ministry. 

Important things to be Keep in Mind

In a recent email campaign, the income tax department sent email addresses, SMS source codes and URLs it uses to communicate with taxpayers. The department listed email addresses such as @incometax.gov.in, @incometaxindiaefiling.gov.in, @tdscpc.gov.in and so on to send email. Similarly, some of the department’s SMS source codes are ITDEPT, ITDEFL, TDSCPC and so on and URLs include www.incometaxindia.gov.in, www.incometaxindiaefiling.gov.in, www.tdscpc.gov.in and so on.

Typically, emails sent by the income tax department are system-generated and you are not required to reply in the same email.

To be doubly sure, log in to your tax filing account on the department’s website— www.incometaxindiaefiling.gov.in. Locate the “reminders/campaigns” tab and click on it to view information about all emails and SMSes sent by the department on a particular date, as well as the subject line. 

Also, remember that the tax department never seeks any information from a taxpayer such as username, password, and details of debit and credit cards, over email. If you are required to take any action, you will be asked to log in to your e-filing account on the income tax e-filing website.

While the income tax department does its part by sending messages to customers, warning them of online frauds and threats, you can stay out of trouble by not disclosing sensitive details about your various accounts and checking the veracity of the links or apps you download or use on your devices.