NEW DELHI: The Income Tax department today issued an advisory asking taxpayers not to share their personal financial details over email or phone and urged them to register a complaint in case they face such malicious attempt.
The advisory has come at a time when income tax returns (ITRs) filing season has concluded and it is an opportune time for hackers and other fraudsters to launch phishing attempts to compromise users’ vital data for their illegal benefits by dishing out false promises about pending refunds or ITR authentications.
“Taxpayers are requested not to respond to any email or any type of communication sent to them requesting them to furnish their personal particulars such as bank account details, passwords, one-time password etc purported to be from the Income Tax department.
“The Income Tax department does not seek any such information through email or any other mode of communication from the taxpayers,” the advisory said.
The department also asked the taxpayers that they should register a complaint if they receive such fake communication over email or phone.
“If you have received any such fraud mails, kindly do not respond and register a complaint by forwarding the actual phishing email as per procedure and details given in http://www.Incometaxindia.Gov.In/pages/report-phishing.Aspx (the official web-link of the department’s complaint box),” it said.
With the popularity of e-filing and other Internet-based income tax applications growing, there is always a challenge to counter phishing and hacking attempts that can be perpetrated on a taxpayers’ bonafide account and they can be falsely convinced to share their vital information and tax details, it said.
The attempt to issue the advisory is a step in making aware the taxpayers about such instances and attempts, a senior IT official said.
While a ‘phishing’ attempt is an action to acquire sensitive information such as user name, password and credit, debit card details majorly for malicious reasons of defrauding money by masquerading as a trustworthy entity through an electronic communication, a hacking attempt is to gain unauthorised entry into a users’ system.
A similar malicious attempt made over the phone is called ‘vishing’ in electronic terms.
The official said the department is also in active touch with the Computer Emergency Response Team of India (CERT-In) to check such instances.
CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain. (PTI)