A recent Netflix series—Jamtara: Sabka Number Ayega—has picked up its name and the plot from a small town in Jharkhand considered the capital of cybercrimes in India. According to a report by the National Crime Records Bureau (NCRB) for the year 2016, more than 50% of cybercrimes in India were traced to Jamtara.
The series shows a group of young men running a lucrative phishing operation, but that’s only one of the various types of frauds that can be traced back to the town. The government set up a cybercrime police station in Jamtara in 2017, but the menace continues.
Recently, a Paytm customer from Mumbai lost ₹1.7 lakh in a KYC (know your customer) fraud case, and the kingpin of the fraud was alleged to be based out of Jamtara. Such frauds are typically conducted over phone calls, through messages, fraudulent apps and email.
Many such cases are centered around the income tax department, wherein fraudsters send an email that looks like it has been sent from the department. Here’s the modus operandi and how to deal with it.
One modus operandi related to income tax frauds got highlighted through a statement issued by the Indian Computer Emergency Response Team (CERT-In) that comes under the ministry of electronics and information technology on 19 September 2019.
“A phishing and malware campaign is active since at least September 12, and is targeting individuals as well as financial organizations. The campaign involves fake emails purporting to be sent by the Indian Income Tax Department. Two variants of the email have been observed. The first variant includes an attachment with extension ‘.img’ which contains a malicious ‘.pif’ file. The second variant lures the users to download a malicious ‘.pif’ file hosted on a Sharepoint page via a link of fraudulent domain incometaxindia[.]info. This domain has now been disabled,” it stated. Once you download or click on these files, they modify or get access to the operating system you are using to steal information and data.
Apart from malicious attachment, fraudsters send SMSes and emails with links that lead to fake sites. For instance, in many cases, SMSes or emails are sent informing the recipient that their income tax return has been processed and they are due to get a refund. In such cases, they ask for the account number to which the amount can be credited. Sometimes, fraudsters intentionally mention an incorrect bank account number and ask the recipient to verify the same or update it if it is wrong. The link usually leads to a phishing webpage that looks almost identical to the legitimate income tax department website. The recipient is asked to enter his bank-related and other details, which are easily stolen.
Besides financial losses and identity theft, such emails can also harm your device.
What’s your recourse?
If you receive and identify a fraudulent email claiming to be from the income tax department, don’t click on any link or download any attachment. “If any taxpayer is duped by such emails or messages, he or she should immediately file a complaint with the IT cell of the police department. It would be helpful to keep all the related screenshots and bank references generated for the transfers, so that the authorities have sufficient information to track the transaction,” said Sandeep Sehgal, director, tax and regulatory, Ashok Maheshwary and Associates LLP.
If the email is related to income tax, forward the email or website URL to email@example.com. A copy may also be forwarded to firstname.lastname@example.org to register a complaint with the IT ministry.
In case you receive a phishing mail not pertaining to the income tax department, you can still forward it to CERT.
Things to keep in mind
In a recent email campaign, the income tax department sent email addresses, SMS source codes and URLs it uses to communicate with taxpayers. The department listed email addresses such as @incometax.gov.in, @incometaxindiaefiling.gov.in, @tdscpc.gov.in and so on to send email. Similarly some of department’s SMS source codes are ITDEPT, ITDEFL, TDSCPC and so on and URLs include www.incometaxindia.gov.in, www.incometaxindiaefiling.gov.in, www.tdscpc.gov.in and so on.
Typically, emails sent by the income tax department are system-generated and you are not required to reply in the same email.
To be doubly sure, log in to your tax filing account on the department’s website— www.incometaxindiaefiling.gov.in. Locate the “reminders/campaigns” tab and click on it to view information about all emails and SMSes sent by the department on a particular date, as well as the subject line.
Also, remember that the tax department never seeks any information from a taxpayer such as username, password, and details of debit and credit cards, over email. If you are required to take any action, you will be asked to log in to your e-filing account on the income tax e-filing website.
While the income tax department does its part by sending messages to customers, warning them of online frauds and threats, you can stay out of trouble by not disclosing sensitive details about your various accounts and checking the veracity of the links or apps you download or use on your devices.