Alert issued against fake messages on IT refunds
NEW DELHI: The country’s premier cyber security agency — CERT-IN — has cautioned against a malicious ‘Smshing’ fraud where fake messages are being sent to people in the name of the Income Tax Department saying their refunds have been approved, with an aim to steal the recipient’s vital personal details and put them on the dark net “for sale”.
The warning that also acts as an advisory comes at a time when the income tax returns filing season is on, and the Central Board of Direct Taxes (CBDT) has sometime back extended the deadline to do till August 31.
Recently, some people wrote on social media platforms that they had received such messages.
The Indian Computer Emergency Response Team (CERT-IN), the national nodal agency for responding to com- puter security incidents, said once a person clicks on the Smshing (made of SMS and phishing) link, he/she runs the risk of either his/her personal details being “put up for sale on the dark web” (clandestine web), or even their IT department records “altered” by misusing their e-filing credentials.
The advisory describes as to how such fake SMSES could be identified.
“There have been increased reports of incidents related to fake SMS purportedly from Income Tax Department as the filing of IT returns nears. This Smshing campaign uses popular URL (universal resource locator) shortening services such as bit.ly, goo.gl, ow.ly and t.co among others,” it said.
It then goes on to describe the modus operandi of such attack.
“The message in the SMS tells the recipient that their income tax refund for a certain amount has been approved and will be credited shortly in his bank account. An incorrect bank account number follows this. Message reads to the recipient to verify the given bank account number and if found wrong, then visit the shortened bit. ly link provided in the message to update his bank record.
“The bit.ly link is leading to phishing web-pages. Since the bank account number in the SMS is wrong, many recipients are enticed to click on the website link. Clicking on the link in the SMS, opens a website which is lookalike to the Income Tax Department e-filing website,” it said.
The recipient, the advisory said, is asked to enter their bank details to complete their income tax refund application and then enter their login ID and password on the next phishing web-page.
“After that, the details entered by the victim SMS recipient are harvested as sensitive data by the cybercriminals running this campaign for later use in identitythefts or for putting up for sale on the dark web or for even altering the user’s details in the Income Tax Department’s records,” it said.
A senior tax department official said that the department is aware of these malicious Sms-based and online attacks on personal taxpayers and others and they are in touch with the CERT-IN authorities and have also issued public advisories in this context.