Stock Prices

Saturday, 13 February 2016

Steps taken by Income Tax Department for safeguarding tax payers from Phishing email

Steps taken by Income Tax Department for safeguarding tax payers from Phishing email

Government of India Ministry of Finance Department of Revenue Central Board of Direct Taxes


New Delhi,  5th February, 2016

Sub: Steps taken by Income Tax Department for safeguarding taxpaye rs from Phishing email - regarding

The Income Tax Department has been at the forefront of using technology in implementing its e-Governance initiatives. Most of its routine communication to taxpayers is through email and SMS. Therefore, the Department is very sensitive and alert to attempts made by fraudsters to spoof the Departments identity to send phishing emails. To ensure that taxpayers are aware that the Department does not seek any confidential or financial information of the taxpayer over email,  the below mentioned  advisory has been prominently  displayed  on the national website:

“The Income Tax Department NEVER asks for your PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts through e-mail.

The Income Tax Department appeals to taxpayers NOT to respond to such e-mails and NOT to
share information relating to their credit card, bank and other financial accounts.”

The Dos and Donts to ensure that the gullible taxpayers do not inadvertently play into the hands         of        fraudsters         are        clearly         mentioned         on         the         website: http ://www. inco meta xind ia. go v. in/Pa ges/report-phishing.asp x. All taxpayer reports of phishing emails  are  forwarded  to  inc ide nt@ce rt- in  which  is  a  Government  of  India  agency mandated to fight  against such threats.

Further,   the   Department   has   implemented   best  practices   such  as  SPF   (Sender  Policy Framework),  DKIM (Domain Keys  Identified  Mail) and  DMARC  (Domain-based  Message Authentication,  Reporting  & Conformance)    for  its  email domains.  Use of these  protocols enables the e-mail receiver domains such as Gmail, Yahoo, Hotmail etc to determine whether or not a received e- mail is actually  from the defined sender such as the Department and block phishing  emails  from reaching  the taxpayer.

Taxpayers are advised to follow these simple checks if they do receive any email purporting to be from the Income Tax Department:

   Check  for the domain  name care fully.  Fake emails  will  have  misspelt or  incorrect sounding  variants of websites of the Income Tax Department.
   Check the message header for example in Gmail it can be viewed by selecting the
option Show Original.
Do not open such emails  in spam or junk folder  and do not reply to such emails. Do not open any attachments.  Attachments  may contain malicious  code.
Do  not  click  on  any  links.  Even  if  you  have  clicked  on  links  inadvertently  in  a
suspicious e- mail or phishing website then do not enter confidential information like bank account, credit card details.

Do not cut and paste the link  from the message into your browsers.
Forward the phishing emails to  inc ide nt@ce rt- in with a request to examine and block the sender.
Use anti-virus  software, anti spyware, and a firewall  and keep them updated.

Income Tax Department is committed to encouraging taxpayers to engage with it electronically by following  safe and best practices.

(Shefali Shah) Pr. Commissioner of Income Tax (OSD) Official Spokesperson, CBDT

No comments:

Post a Comment