The internet has a lot of con men trying to rob you of your money through scams – whether it is someone wanting to transfer money from eastern Europe or some widow of a war lord in Africa asking for your help.
Now, a new scam has emerged that is targeting Indians specifically – it is also in the form of an email that tells you about income tax refund, but is actually trying to get your online banking log-in ID and password so that your account can be emptied!
Read on for full details and to know how to spot this email.
The Email from “Income Tax Department”
The scam starts with an email. In your inbox, it looks like this:
(Please click on any image to see a larger picture with full details)
The sender of the email is “Income Tax Department”, and the subject is “Tax-Refund Notification..”.
On opening the email, you would see this:
As you can see, it looks quite legitimate and even has the logo of the Income Tax Department! It tells you that you have some income tax refund, and you need to click a link and submit a “tax refund request”.
If you see carefully, you would see that the sender of the email is:
ref-dept01@incometaxindia.gov.in
Depending on the email provider you use, you would also be able to see that the message has been sent via (see the red box in the image above):
eigbox.net
What does this mean? It means that it has not been sent directly from the website incometaxindia.gov.in! This is the first red flag for the fraud.
Also, the email is addressed to “Valued Taxpayer”. If it a genuine email with a refund amount that is unique to you, shouldn’t it also be directly addressed to you? This is the second thing that doesn’t seem right on this page.
So what happens once you click the link in the email?
Website of the Income Tax Department of India
When you click on the link on the email, you are taken to the website of the Income Tax Department of India, which looks like this:
This website too looks quite legitimate! After all, it has the right logo and all the menus! But is it?
Of course not! If you see the address bar of your browser, you wold see that instead of having the address of the website, it has numbers followed by letters. (See the red box in the above image)
(For the technically inclined, the number is the IP address of the computer on which this scam website is hosted)
Also, if you hover your mouse on any of the menu items in the left menu, you would again see that the links point to the same “number”, and not to the income tax department website.
Going to the bank’s website
Anyway, the page asks you to select your bank and click on “go”. This is what you see when you select the bank and click on the “go” button:
As you would expect, this page looks like the login page of your bank’s internet banking facility. In fact, it looks quite genuine as well.
But there are a few red flags here as well.
First, why should you need to log into your bank’s online banking to claim income tax refund?
And second, the address bar of your browser for even this page has numbers followed by letters instead of having the address of the website (See the red box in the above image).
Going further
So this is definitely a fraudulent website. But what happens if you end up entering the log in / password here?
For one, the scamsters now know the log in details for the internet banking facility for your bank account. But it doesn’t stop there. Here’s the next page:
This page asks for your debit card / ATM card number, and many other relevant details of your bank account.
As you would see, the address bar of your browser for even this page has numbers followed by letters instead of having the address of the website (See the red box in the above image).
Once you enter the details here, this is what you see:
It is a confirmation that your “Tax refund request has been submitted successfully!”.
What happens if you are not alert?
As we saw above, there are many red flags that identify this whole thing as a scam. But what if you are not alert and fall for it?
You can be lured by the “income tax refund” money, and would end up giving the scamster your internet banking log in details. Not just that, you would also give him your debit / ATM card umber, and all other relevant details of your bank account.
This means that the person behind this scam can approach your bank with all the information that a bank employee might ask to verify the requester’s authenticity! And once he is authenticated, he can easily wipe out your bank account in no time!
How to stay safe
The only way to be safe on the internet is to remain alert.
True, internet banking gives you a lot of convenience. But at the same time, you also have to be on the lookout for things that are suspicious and don’t look right.
To paraphrase Spider Man,
With convenience, comes responsibility.
Stay safe!