Thursday, February 9, 2012

Last Updated: 20 August 2010 Reporting and Identification of Phishing, Fraudulent Refund E-mail Scams and Fake Income Tax Web Sites

Disclaimer:

* The Income Tax Department does not request detailed personal information through e-mail.
* The Income Tax Department does not send e-mail requesting your PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.


Identification of phishing / fraudulent refund e-mails:

* What is 'phishing'?
o Phishing is the process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from financial institutions, popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
* Samples of phishing e-mails PDF/HTML

* What is 'phishing'?
* Samples of phishing e-mails PDF


Advisory:

If you receive an e-mail from someone claiming to be the authorized by Income Tax Department or directing you to an Income Tax website:

* Do not reply.
* Do not open any attachments. Attachments may contain malicious code that will infect your computer.
* Do not click on any links. If you clicked on links in a suspicious e-mail or phishing website then do not enter confidential information like bank account, credit card details.
* Do not cut and paste the link from the message into your browsers, phishers can make link look like real, but it actually send you to different websites.
* Use anti-virus software, anti spyware, and a firewall and keep them updated. Some phishing e-mails contain software that can harm your computer or track your activities on the internet without your knowledge. Anti-virus & Anti-spyware software and firewall can protect you from inadvertently accepting such unwanted files.


Reporting:

* If you receive an e-mail or find a website you think is pretending to be of Income Tax Department, forward the e-mail or website URL to phishing@incometaxindia.gov.in. A copy may also be forwarded to incident@cert-in.org.in
* You may forward the message as received or provide the Internet header of the e-mail. The Internet header has additional information to help us locate the sender.
* After you forward the e-mail or header information to us, delete the message.
* If you receive a phishing mail not pertaining to the Income Tax Department, forward the same to incident@cert-in.org.in

No comments: