New Internet Scam in the name of Income Tax (IT) refund

Dec 2nd, 2011No Comments

A new scam has emerged that is targeting Indians specifically – it is also in the form of an email that tells you about income tax refund, but is actually trying to get your online banking log-in ID and password so that your account can be emptied!

The Email from “Income Tax Department”

The scam starts with an email.

The sender of the email is “Income Tax Department”, and the subject is “Tax-Refund Notification

On opening the email, you would see this:

It looks quite legitimate and even has the logo of the Income Tax Department! It tells you that you have some income tax refund, and you need to click a link and submit a “tax refund request”.

If you see carefully, you would see that the sender of the email is:

Depending on the email provider you use, you would also be able to see that the message has been sent via (see the red box in the image above):

What does this mean? It means that it has not been sent directly from the website! This is the first red flag for the fraud.

Also, the email is addressed to “Valued Taxpayer”. If it a genuine email with a refund amount that is unique to you, shouldn’t it also be directly addressed to you? This is the second thing that doesn’t seem right on this page.

So what happens once you click the link in the email?

Website of the Income Tax Department of India

When you click on the link on the email, you are taken to the website of the Income Tax Department of India, which looks like this:

This website too looks quite legitimate! After all, it has the right logo and all the menus! But is it?

Of course not! If you see the address bar of your browser, you wold see that instead of having the address of the website, it has numbers followed by letters. (See the red box in the above image)

(For the technically inclined, the number is the IP address of the computer on which this scam website is hosted)

Also, if you hover your mouse on any of the menu items in the left menu, you would again see that the links point to the same “number”, and not to the income tax department website.

Bank’s website page

The page asks you to select your bank and click on “go”. This is what you see when you select the bank and click on the “go” button:

As you would expect, this page looks like the login page of your bank’s internet banking facility. In fact, it looks quite genuine as well.

But there are a few red flags here as well.

First, why should you need to log into your bank’s online banking to claim income tax refund?

And second, the address bar of your browser for even this page has numbers followed by letters instead of having the address of the website (See the red box in the above image).

Going further

So this is definitely a fraudulent website. But what happens if you end up entering the log in / password here?

For one, the scamsters now know the log in details for the internet banking facility for your bank account. But it doesn’t stop there. Here’s the next page:

This page asks for your debit card / ATM card number, and many other relevant details of your bank account.

As you would see, the address bar of your browser for even this page has numbers followed by letters instead of having the address of the website (See the red box in the above image).

Once you enter the details here, this is what you see:

What happens next?

As we saw above, there are many red flags that identify this whole thing as a scam. But what if you are not alert and fall for it?

You can be lured by the “income tax refund” money, and would end up giving the scamster your internet banking log in details. Not just that, you would also give him your debit / ATM card umber, and all other relevant details of your bank account.

This means that the person behind this scam can approach your bank with all the information that a bank employee might ask to verify the requester’s authenticity! And once he is authenticated, he can easily wipe out your bank account in no time!

Share this article with your friends and such scams can be avoided.

Leave a Reply